Backdoor.Cimuz

By Domesticus in Backdoors

Backdoor.Cimuz is a dangerous backdoor Trojan that can install itself on your computer system without your consent and then download and execute various files without your knowledge. Backdoor.Cimuz changes registry entries to enter the targeted computer system. Backdoor.Cimuz shows a pop-up error; when the user clicks on the error, they are redirected to download a malicious application, or the application is executed by Backdoor.Cimuz. Backdoor.Cimuz hides itself deep in the system so that it can protect its files even when a System Restore is performed. Backdoor.Cimuz opens a backdoor on the affected computer that gives remote attackers access to control your machine, download more threats, or steal personal information. It is strongly recommended to remove Backdoor.Cimuz from the affected machine immediately upon detection.

File System Details

Backdoor.Cimuz creates the following file(s):
# File Name Detections
1. %System%\msafd[TWO RANDOM NUMBERS].dll N/A
2. %System%\[RANDOM ALPHANUMERIC CHARACTERS].tbl N/A
3. %Temp%\~[RANDOM ALPHANUMERIC CHARACTERS].tmp N/A
4. %System%\c_20870.nls N/A

Registry Details

Backdoor.Cimuz creates the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\mswsock32\"PathName" = "C:\WINDOWS\system32\msafd[TWO RANDOM NUMBERS].dll"
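
The file and registry indicators above can be turned into a triage check over a collected file listing and registry export. The following is an added example, not part of the original entry; the function names, the confidence labels and the sample inventory are assumptions made for illustration, and %System% and %Temp% are assumed to resolve to \Windows\System32 and a \Temp directory.

```python
import re

# Rules derived from the file and registry indicators listed above.
# Assumption: %System% is \Windows\System32 and %Temp% is any \Temp directory.
# "specific" = fixed or tightly patterned name; "broad" = random name, corroborate first.
FILE_RULES = [
    ("specific", re.compile(r"\\system32\\msafd\d{2}\.dll$", re.I)),
    ("specific", re.compile(r"\\system32\\c_20870\.nls$", re.I)),
    ("broad", re.compile(r"\\system32\\[a-z0-9]+\.tbl$", re.I)),
    ("broad", re.compile(r"\\temp\\~[a-z0-9]+\.tmp$", re.I)),
]
REG_KEY = re.compile(r"\\SYSTEM\\(CurrentControlSet|ControlSet\d{3})"
                     r"\\Services\\WinSock2\\mswsock32$", re.I)
REG_DATA = re.compile(r"\\msafd\d{2}\.dll$", re.I)


def scan_files(paths):
    """Return (confidence, path) for every path matching a listed file indicator."""
    hits = []
    for path in paths:
        norm = path.replace("/", "\\")
        for confidence, rx in FILE_RULES:
            if rx.search(norm):
                hits.append((confidence, path))
                break
    return hits


def scan_registry(values):
    """values: (key, value_name, data) tuples; return those matching the listed entry."""
    return [v for v in values
            if REG_KEY.search(v[0]) and v[1].lower() == "pathname" and REG_DATA.search(v[2])]


# Constructed sample inventory (not taken from a real host).
SAMPLE_FILES = [
    r"C:\WINDOWS\system32\msafd.dll",    # genuine Winsock provider: no digits, must not match
    r"C:\WINDOWS\system32\msafd47.dll",
    r"C:\WINDOWS\system32\c_20870.nls",
    r"C:\WINDOWS\system32\k3x9q.tbl",
    r"C:\Documents and Settings\user\Local Settings\Temp\~a1b2.tmp",
]
SAMPLE_REG = [
    (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\mswsock32",
     "PathName", r"C:\WINDOWS\system32\msafd47.dll"),
    (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters",
     "WinSock_Registry_Version", "2.0"),
]
```

The random-name .tbl and ~.tmp patterns also match ordinary files, so "broad" hits only carry weight alongside a "specific" file hit or the registry entry.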
