Backdoor.Korplug

Backdoor.Korplug Description

Type: Backdoors

Backdoor.Korplug is a backdoor Trojan that opens a back door and may steal information from the compromised PC. When run, Backdoor.Korplug may create several potentially infectious files. Backdoor.Korplug may also create several registry subkeys. Backdoor.Korplug can execute many damaging actions that involve recording keystrokes, opening a remote command shell, taking screenshots and stealing information about the affected PC and its network. Backdoor.Korplug then transfers the stolen information to remote attackers.

Technical Information

File System Details

Backdoor.Korplug creates the following file(s):
# File Name MD5 Detection Count
1 %UserProfile%\SxS\rc.exe N/A
2 %UserProfile%\SxS\rcdll.dll N/A
3 %UserProfile%\SxS\rc.hlp N/A
4 %UserProfile%\SxS\bug.log N/A
5 1889.exe 2263ad19cd270571617b5677d3e5652a 0
6 file.exe 9641752497aa67d3912a5928ccf051df 0
7 file.dll 60da52a3709057b677d02cbe80cb0c87 0
More files

Registry Details

Backdoor.Korplug creates the following registry entry or registry entries:
RegistryKey
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SXS
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FAST
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SxS

Related Posts

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.