Backdoor:W32/GetShell.A Description

Type: Backdoors

Backdoor:W32/GetShell.A is a backdoor Trojan that infects computers running the Windows operating system. While this is not particularly rare (after all, the vast majority of backdoor Trojans target Windows), it is important in this case because Backdoor:W32/GetShell.A is one of three variants, the other two being Backdoor:OSX/GetShell.A and Backdoor:Linux/GetShell.A. As their names indicate, each of these variants targets a different operating system, with the other two targeting Mac OSX and Linux computer systems respectively. Backdoor:W32/GetShell.A is the second step in a malware attack that begins with a malicious JavaScript applet detected as Trojan-Downloader:Java/GetShell.A. ESG security researchers first detected this malicious applet on a hacked website belonging to a Colombian transport company. Since this attack can target the three main operating systems used worldwide, ESG malware researchers strongly advise Mac OSX and Linux computer users to ensure that their computer systems are fully secured with a reliable anti-malware application.

Backdoor:W32/GetShell.A is Part of a Malware Attack on Multiple Platforms

Mac OSX and Linux computer systems have traditionally been difficult to target with malware because their engineering makes them more resilient than Windows computers. However, there has been an increase in viruses and Trojans that exploit vulnerabilities in third-party software, particularly Java and Adobe Flash, to carry out their attacks. These programs are used across platforms, which makes these kinds of malware threats capable of attacking multiple operating systems. Trojan-Downloader:Java/GetShell.A is a malicious JavaScript applet that is designed to infiltrate a computer system, detect the operating system in use on that computer, and then download and install the appropriate variant of the GetShell.A backdoor. If the Windows operating system is detected, Backdoor:W32/GetShell.A is the variant installed.

Dangers Associated with Backdoor:W32/GetShell.A

As its name indicates, Backdoor:W32/GetShell.A is a backdoor Trojan. These kinds of Trojans get their name because they create an opening in the infected computer's security that criminals can use to gain unauthorized access to the compromised machine. Much like a real-life open backdoor allows a robber to enter a house without being caught, the backdoor that Backdoor:W32/GetShell.A sets up allows a hacker to gain access to the victim's computer system while bypassing that computer's defense mechanisms. Using Backdoor:W32/GetShell.A, criminals can install other malware on the infected computer (such as a spy Trojan, a remote access tool or a ransomware infection), steal sensitive data or access the infected computer from a remote location.

Technical Information

File System Details

Backdoor:W32/GetShell.A creates the following file(s):

#   File Name   MD5                                Detection Count
1   file.exe    88d8c3d72e56e4f185738bb7cab84b69   0
