Threat Database Backdoors Backdoor.Egobot

Backdoor.Egobot

By Sumo3000 in Backdoors

Backdoor.Egobot is a Trojan that opens a back door, drops additional malware infections, and steals information on the corrupted PC. Backdoor.Egobot may be distributed through a malevolent .lnk file attached to email messages. When run, Backdoor.Egobot adds infectious files and runs one of the files upon startup. Backdoor.Egobot reads daxctle.dll, the file with the main harmful code, and embeds it into the processes. Backdoor.Egobot opens a back door on the compromised PC, permitting cybercriminals to fulfill various damaging activities. Backdoor.Egobot connects to the particular domain and may drop harmful files. Backdoor.Egobot transfers and gains commands from the remote servers.

File System Details

Backdoor.Egobot may create the following file(s):
# File Name Detections
1. %System%\wuauclt.exe
2. %UserProfile%\Local Settings\Microsoft\Windows\Program\Startup\daxctle.dll
3. %System%\spoolsv.exe
4. %UserProfile%\Local Settings\Microsoft\Windows\Program\Startup\detoured.dll
5. %System%\alg.exe
6. %UserProfile%\Local Settings\Microsoft\Windows\Program\Startup\winmsd.exe

Trending

Most Viewed

Loading...