Backdoor.Mudsy is a backdoor Trojan that opens a back door on the contaminated computer system. Backdoor.Mudsy is usually distributed by a specially crafted RTF document exploiting the Microsoft Windows Common Controls ActiveX Control Remote Code Execution Vulnerability (CVE-2012-0158). Once run, Backdoor.Mudsy creates the damaging files on the compromised PC. The document.doc file downloaded by
Backdoor.Mudsy is not damaging. Backdoor.Mudsy creates the registry entries so that it can load automatically whenever the computer user starts Windows. Backdoor.Mudsy connects to port 8081 on the particular IP address. Backdoor.Mudsy may fulfill harmful activities such as download and upload files, run commands and delete registry 'Run' keys.