Mousey Description

Mousey is a backdoor trojan that gives the remote attacker unauthorized access to a compromised computer. The parasite can be used to control infected systems, download and install malicious software, attack remote hosts and disable essential system services. Mousey is able to distribute itself using known Windows vulnerabilities. Once executed, the backdoor installs files into the default system directory (C:\Windows\System32 or C:\Winnt\System32) and modifies the registry, so that the threat runs on every OS startup.

Type: Backdoors

How Can You Detect Mousey?

Mousey has typically the following processes in memory:

• mousecrm.exe

Mousey creates the following registry entries:

• estrictanonymous=1
• HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa
• HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesmousecrm
• HKEY_LOCAL_MACHINESOFTWAREMicrosoftOLEEnableDCOM=n

Important Article Disclaimer