Threat Database Trojans BKDR_AGENT.BCSG

BKDR_AGENT.BCSG

By Sumo3000 in Trojans

BKDR_AGENT.BCSG is a backdoor Trojan that is disguised as a .JPG file. BKDR_AGENT.BCSG contacts a command-and-control (C&C) server via port 80 and, thus, is enabled to take over the corrupted PC's security, making it vulnerable to other malware threats. BKDR_AGENT.BCSG is delivered by another computer infection, known as JS_DLOADER.SMGA, or can propagate via unsafe websites. BKDR_AGENT.BCSG erases itself once it is executed. BKDR_AGENT.BCSG makes system modifications on the affected computer system. BKDR_AGENT.BCSG adds and modifies several registry entries. BKDR_AGENT.BCSG also downloads potentially infectious files.

File System Details

BKDR_AGENT.BCSG may create the following file(s):
# File Name Detections
1. %User Profile%\AppMgmt.dll

Registry Details

BKDR_AGENT.BCSG may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AppMgmt\ParametersServiceDll = "%SystemRoot%\System32\appmgmts.dll"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AppMgmt\ParametersServiceDll = "%User Profile%\AppMgmt.dll"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AppMgmt\ParametersMyStubPath = "{malware path and file name}"

URLs

BKDR_AGENT.BCSG may call the following URLs:

streamingsearches.com

Trending

Most Viewed

Loading...