Backdoor.Adwind

Backdoor.Adwind Description

Type: Backdoors

Backdoor.Adwind is a backdoor Trojan that opens a back door on the compromised PC, steals information, and may distribute other malware infections. Backdoor.Adwind may propagate as a malicious spam email attachment. Backdoor.Adwind is written in Java and can run on a variety of operating systems, including Windows, Mac OS and Linux. Once run, Backdoor.Adwind creates its malicious files on the system. Backdoor.Adwind opens a back door on the infected computer and connects to specific URLs. Backdoor.Adwind can be built with a kit and can be configured to access any URL. Backdoor.Adwind may perform damaging actions, such as accessing the webcam, accessing the file system to read, write, or delete files, taking screenshots, logging keystrokes, dropping and executing files, playing an audio message, and tampering with the mouse and keyboard.

Technical Information

File System Details

Backdoor.Adwind creates the following file(s):
# File Name MD5 Detection Count
1 lcusmagrlf.txt 79e9dd35aef6558461c4b93cd0c55b76 10
2 unxx0jihww.txt db46adcfae462e7c475c171fbe66df82 9
3 B2856B11FF23D35DA2C9C906C61781BA_purchaseorder.jar b2856b11ff23d35da2c9c906c61781ba 1
4 %Temp%\JNativeHook_[RANDOM DIGITS].dll N/A
5 %UserProfile%\.plugins2\003.server N/A
6 %UserProfile%\.plugins2\006.server N/A
7 %UserProfile%\.plugins2\009.server N/A
8 %UserProfile%\logss N/A
9 %UserProfile%\.plugins2\002.server N/A
10 %UserProfile%\.plugins2\005.server N/A
11 %UserProfile%\.plugins2\008.server N/A
12 %UserProfile%\Application Data\Iexplorer\Chrome.jar N/A
13 %UserProfile%\.plugins2\001.server N/A
14 %UserProfile%\.plugins2\004.server N/A
15 %UserProfile%\.plugins2\007.server N/A
16 %UserProfile%\Application Data\Iexplorer\Desktop.ini N/A
17 file.jar 88891dcf0c9e9cb66176db351efdef54 0
18 file.exe d8e2d73f50e8e13acca5f60abf78ee4d 0

More Details on Backdoor.Adwind

The following URLs were found:
Tip: We recommend blocking the domain names as well as the IP addresses associated with them.
  • pepepepe.myvnc.com
