Threat Database Backdoors Backdoor:Win32/Beastdoor.L

Backdoor:Win32/Beastdoor.L

Backdoor:Win32/Beastdoor.L is a backdoor Trojan that disguises itself as a legitimate program to trick users into downloading it. Once downloaded, Backdoor:Win32/Beastdoor.L will launch annoying advertisements in the form of pop-ups and pop-unders as well as cause frequent browser redirection to malicious or advertising websites. Backdoor:Win32/Beastdoor.L may also download other malware onto a compromised machine putting the system at greater risk.

File System Details

Backdoor:Win32/Beastdoor.L may create the following file(s):
# File Name Detections
1. %Windir%\svchost.exe
2. %Windir%\msagent\mssnqi.com
3. %System%\msntjq.com

Registry Details

Backdoor:Win32/Beastdoor.L may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
StubPath = "%System%\msntjq.com"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{42CE4021-DE03-E3CC-EA32-40BB12E6015D}
COM Service = "%Windir%\msagent\mssnqi.com"

Trending

Most Viewed

Loading...