Backdoor.Matsnu.B Description

Backdoor.Matsnu.B is a backdoor Trojan that opens a back door on the attacked PC. Once run, Backdoor.Matsnu.B creates copies of itself as one of the harmful files.Backdoor.Matsnu.B creates the registry entries so that it can load automatically whenever the computer owner starts Windows. Backdoor.Matsnu.B connects to one of the domains and waits for instructions from the remote cybercriminal. Backdoor.Matsnu.B
downloads and runs files, updates the list of domains, updates itself, deletes all files and folders in any hard drives found and overwrites the first 10,000 bytes in fixed hard drives and deletes the specific files.

Technical Information

Registry Details

Backdoor.Matsnu.B creates the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\"load" = "[PATH TO TROJAN]"
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\"run" = "[PATH TO TROJAN]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\"Startup" = "[PATH TO TROJAN FOLDER]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"[COMPUTER SPECIFIC STRING]" = "[PATH TO TROJAN]"

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

HTML is not allowed.