Backdoor.Flyoutburn

Backdoor.Flyoutburn Description

Backdoor.Flyoutburn is a backdoor Trojan that executes harmful activities on the corrupted PC. Once run, Backdoor.Flyoutburn creates a few folders and the malevolent files on the affected computer system. Backdoor.Flyoutburn creates the registry entry and registry subkeys. Backdoor.Flyoutburn may connect to port 9696 on the particular web addreass. Backdoor.Flyoutburn may also connect to port 61786 on the particular web addresses. Backdoor.Flyoutburn may strive to use local RAS services to open a VPN connection.

Technical Information

File System Details

Backdoor.Flyoutburn creates the following file(s):
# File Name Detection Count
1 %AllUsersProfile%\Application Data\Microsoft\Windows\Burn\[COMPUTER NAME].dll N/A
2 %AllUsersProfile%\Application Data\Microsoft\Windows\LiveUpdata_Mem\[RANDOM CHARACTERS].dll N/A
3 %AllUsersProfile%\Application Data\Microsoft\Windows\LiveUpdata_Mem\[RANDOM CHARACTERS]_One.dll N/A
4 %Temp%\DW20.dll N/A

Registry Details

Backdoor.Flyoutburn creates the following registry entry or registry entries:
RegistryKey
HKEY_CURRENT_USER\Software\Microsoft\Windows Media\XC
Windows\CurrentVersion\Policies\Explorer\Run "[COMPUTER NAME]" = "[%AllUsersProfile%\Application Data\Microsoft\Windows\Burn\[COMPUTER NAME].dll]"
HKEY_CURRENT_USER\Software\Microsoft\
HKEY_CURRENT_USER\Software\Microsoft\Windows Media\A1

More Details on Backdoor.Flyoutburn

The following URL's were found:
Tip: We recommend blocking the domain names as well as the IP addresses associated with them.
  • dtl.dnsd.me
  • dtl.eatuo.com
  • dtl6.mooo.com
  • internet.3-a.net