BackDoor.Andromeda

BackDoor.Andromeda Description

Trojan.Andromeda ScreenshotESG security analysts have been informed about numerous Trojan attacks centered primarily in Central and Eastern Europe involving Backdoor.Andromeda. Like most backdoor Trojans, Backdoor.Andromeda is only the first in a multi-component malware attack designed to wreak havoc on a victim's computer system. However, although Backdoor.Andromeda's primary purpose is to open a back door into the victim's computer system, this malware infection also has spyware capabilities, the ability to get into to an alien server and to download and set up other malware, as well as the ability to relay information to a remote attacker.

Most infections with Backdoor.Andromeda are acquired from malicious email attachments, although this malware infection may also invade a computer system as a result of an attack website exploiting known vulnerabilities in the victim's computer system. ESG malware researchers consider that Backdoor.Andromeda is a severe threat to a computer's security. Because of this, it is extremely important to delete Backdoor.Andromeda immediately with a reliable anti-malware application and to ensure that other malware has not managed to infect the victim's computer system due to Backdoor.Andromeda's backdoor.

Backdoor.Andromeda Enables other Dangerous Trojan Attacks

The main purpose of Backdoor.Andromeda is to create a backdoor into the infected computer system. 'Backdoor' simply refers to an unauthorized opening in the infected computer's security. By using this opening, a criminal can connect to the infected computer and install other malware or take out sensitive information, much like an unguarded back door can allow a robber to sneak into a building. Backdoor.Andromeda has been involved in various other malware attacks that can be installed on the victim's computer thanks to Backdoor.Andromeda's backdoor. There's a bundle of Trojans that are often installed by using this unauthorized security breach. Among these Trojans, ESG malware researchers have identified a spam bot, that is, a Trojan designed to take over the infected computer's email client in order to send out spam email; an IRC bot, which is a malware infection that enables criminals to take over the infected computer system by sending it commands via IRC; and a browser hijacker, a Trojan that changes the infected computer's HOSTS file in order to redirect its online activities.

Technical Information

File System Details

BackDoor.Andromeda creates the following file(s):
# File Name Size MD5 Detection Count
1 C:\Users\DELL\AppData\Local\6e745dw6rg7t8itu.exe 696,320 bc90c938bc1170444a691cdc04ec733e 3,361
2 %SYSTEMDRIVE%\Users\Dani\loader.exe\loader.exe 665,088 40c0c45bd9741ef0f9d2ff972d0b8d75 19
3 %ALLUSERSPROFILE%mszjeb.exe 172,032 0e9c6292025426164fc32f2413a84846 2
4 file.exe 34,808 40a5dd7fd8a1d9a2027070db784440f7 0
More files

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.