Backdoor.Alusins

Backdoor.Alusins Description

Backdoor.Alusins is a backdoor Trojan that opens a back door and steals information from the corrupted PC. Once run, Backdoor.Alusins creates the malevolent files. Backdoor.Alusins then creates the registry entries so that it can load automatically whenever the computer user starts Windows.

Backdoor.Alusins then opens a back door on the attacked PC, permitting a cybercook to fulfill the harmful actions such as embed a malevolent code into legal processes, such as 'svchost.exe', 'notepad.exe', and 'calc.exe' in order to conceal its occurrence, connect to a distant server to receive instructions, gain system information such as user name, computer name, OS version, IP address, language, gain type and version of firewall application installed, gain type and version of security tools installed, receive the list of processes, log keystrokes, view the Windows Registry, open default Internet browser and connect to a URL indicated by the cybercrook, capture webcam footage, show warnings and notifications on the targeted PC, drop and execute other malware threats, open and close the optical drive, send email using indicated user names and passwords, and steal Pidgin and Filezilla user names and passwords.

Technical Information

File System Details

Backdoor.Alusins creates the following file(s):
# File Name Detection Count
1 %Temp%\firavs.vbs N/A
2 %Temp%\key.txt N/A

Registry Details

Backdoor.Alusins creates the following registry entry or registry entries:
RegistryKey
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"[RANDOM CHARACTERS]" = "[THREAT PATH]\[THREAT NAME].exe"
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"[RANDOM CHARACTERS]" = "[THREAT PATH]\[THREAT NAME].exe"