Backdoor.Jukbot.B Description

Type: Backdoors

Backdoor.Jukbot.B is a dangerous backdoor Trojan that opens a back door on the targeted computer system, giving hackers remote access to and control over the compromised PC. It communicates with a remote server to receive commands and instructions for further harmful actions. Once installed, Backdoor.Jukbot.B makes system changes and modifies the registry, and it can easily drop and run malicious files.

Backdoor.Jukbot.B uses different file and service names throughout the installation. The registry is modified so that Backdoor.Jukbot.B starts as a Windows service: it copies the names of legitimate services and corrupts them, tricking the computer system into starting it every time Windows boots up. When Backdoor.Jukbot.B is installed and run, it tries to connect to a remote web page to receive configuration data from the remote server. Backdoor.Jukbot.B can also deliver fake security software, unexpectedly restart or shut down your PC, or execute denial-of-service attacks. Remove Backdoor.Jukbot.B before it harms your computer system.


15 security vendors flagged this file as malicious.

Anti-Virus Software Detection
Ikarus Backdoor.Win32.Zegost
AhnLab-V3 Backdoor/Win32.Hupigon
DrWeb DDoS.Attack.301
F-Secure Packed:W32/PeCan.A
BitDefender Gen:Trojan.Heur.PT.guW@aehIxgp
Kaspersky HEUR:Trojan.Win32.Generic
Avast Win32:Rootkit-gen [Rtk]
McAfee Generic BackDoor!1tp
CAT-QuickHeal Backdoor.Jukbot
Panda Generic Malware
AVG Fat-Obfuscated
Fortinet W32/Redosdru.ID!tr
Ikarus Trojan.Win32.Jorik
AhnLab-V3 Win-Trojan/Agent.102416.B
Antiy-AVL Trojan/Win32.Jorik.gen

Technical Information

File System Details

Backdoor.Jukbot.B creates the following file(s):
