Backdoor.Juasek
First observed in August of 2012, Backdoor.Juasek is a dangerous backdoor Trojan that can affect all versions of the Windows operating system, going as far back as Windows 95. Backdoor.Juasek is designed to enter a computer with the help of a Trojan dropper or social engineering scam and then establish a backdoor on the infected computer. The term 'backdoor' simply refers to an unauthorized opening in the infected computer's security protection. Criminals can use this opening to install other malware on the infected computer or to steal data stored on the compromised computer. Although Backdoor.Juasek is relatively easy to remove with most anti-malware programs, Backdoor.Juasek does not cause overt symptoms, meaning that countless PC users may not be enlightened of Backdoor.Juasek's presence on their computer. This is especially true if your security program(s) is not updated. To avoid becoming infected with Backdoor.Juasek, ESG security researchers recommend maintaining all your security programs up to date and being careful when downloading files or visiting unknown websites.
Table of Contents
How Backdoor.Juasek Attacks a Computer
Backdoor.Juasek has two tasks: open a backdoor into the infected computer and send data to a remote host. Once Backdoor.Juasek is executed, Backdoor.Juasek will create a malicious DLL file with a random file name. This random file name will usually be generated by choosing from a list of names. Some examples of names for this malicious DLL file that ESG security researchers have observed include espdate, sparksrv, and spksrv. Then, Backdoor.Juasek makes changes to the Windows Registry that allows its files to run automatically when the infected computer starts up. To ensure that its malicious DLL file is accessed by other applications, Backdoor.Juasek finds a legitimate DLL file with the same name and replaces it with its own, corrupted version. Finally, the Backdoor.Juasek will connect to a remote server in order to receive configuration data, commands and to report on the infected computer's status.
Malicious Actions that Backdoor.Juasek Can Carry Out on the Infected Computer
Although Backdoor.Juasek can install other malware threats on the infected computer, Backdoor.Juasek itself can carry out various malicious actions on the infected computer. These include the following:
- Backdoor.Juasek's back door can be used to delete files on the infected computer.
- A criminal can use Backdoor.Juasek to access a command prompt and execute commands on the infected computer.
- Backdoor.Juasek can also be used to execute files and view data on the infected computer.
SpyHunter Detects & Remove Backdoor.Juasek
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | %System%/[RANDOM FILE NAME].dll | ||
2. | %System%/svsdll.log | ||
3. | file.exe | a42f4749820747d7b74c5322b1898a62 | 0 |
4. | file.exe | 233947bd9ac50e8c9e7f4d78e8c42fd2 | 0 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.