
BKDR_PLUGAX.A

By Domesticus in Backdoors

BKDR_PLUGAX.A is a Trojan that exploits the remote memory-corruption vulnerability tracked as CVE-2013-0634 to drop and run malicious files on the affected computer. BKDR_PLUGAX.A can harvest information such as the computer name, admin rights, hostname, and operating system version, among others. It can also drop and load plugins, and send information to and receive information from an infected website, compromising the security of the victimized PC. BKDR_PLUGAX.A targets product versions that include Adobe Flash Player 11.2.202.261 and earlier versions for Linux, Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh, and Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x. BKDR_PLUGAX.A may be distributed by another malware threat detected as TROJ_MDROP.REF. BKDR_PLUGAX.A runs commands from a cybercriminal. It drops copies of itself onto the compromised PC and adds registry entries so that it loads automatically whenever Windows starts. It also adds registry entries as part of its installation routine.


File System Details

BKDR_PLUGAX.A may create the following file(s):
| # | File Name | MD5 | Detections |
|---|-----------|-----|------------|
| 1 | %Application Data%\googleupdate.exe | | |
| 2 | %Application Data%\config.sys | | |
| 3 | file.exe | bd4dc30072f76f20b52e0c564473bc92 | 0 |
| 4 | file.exe | 3519b1d6dc34d845a4f0f0df37e2b0c7 | 0 |
| 5 | file.exe | 2a7e98b3079af88e296ed934966486b7 | 0 |

Registry Details

BKDR_PLUGAX.A may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Update = "%Application Data%\Googleupdate.exe"
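
A host check for the file and registry indicators listed above, added here as an example and not part of the original entry. It assumes that "%Application Data%" is the current user's roaming profile folder (`$env:APPDATA`) and inspects only the account it runs under; the property names in the output are illustrative.

```powershell
# Added example: sweep the current user's profile for the indicators on this page.
# Assumption: "%Application Data%" maps to $env:APPDATA for the logged-on user.
$RunKey   = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$Dropped  = 'googleupdate.exe', 'config.sys'           # file names from the page
$KnownMd5 = 'bd4dc30072f76f20b52e0c564473bc92',
            '3519b1d6dc34d845a4f0f0df37e2b0c7',
            '2a7e98b3079af88e296ed934966486b7'          # MD5 values from the page
$Expected = Join-Path $env:APPDATA 'googleupdate.exe'
$findings = @()

# 1. Persistence: a Run value named "Update" that starts googleupdate.exe from AppData.
$run = Get-ItemProperty -Path $RunKey -ErrorAction SilentlyContinue
if ($run -and $run.PSObject.Properties['Update']) {
    $target = [Environment]::ExpandEnvironmentVariables([string]$run.Update).Trim('"')
    $findings += [pscustomobject]@{
        Indicator = 'Run value "Update"'
        Path      = $target
        Md5       = $null
        # True only when the value points at the path given on this page.
        PageMatch = $target.StartsWith($Expected, [StringComparison]::OrdinalIgnoreCase)
    }
}

# 2. Dropped files: report each one that exists and compare its MD5 with the page's list.
foreach ($name in $Dropped) {
    $path = Join-Path $env:APPDATA $name
    if (Test-Path -LiteralPath $path -PathType Leaf) {
        $md5 = (Get-FileHash -LiteralPath $path -Algorithm MD5).Hash.ToLower()
        $findings += [pscustomobject]@{
            Indicator = "Dropped file $name"
            Path      = $path
            Md5       = $md5
            PageMatch = $KnownMd5 -contains $md5
        }
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize -Wrap
} else {
    'No BKDR_PLUGAX.A indicators from this page found for the current user.'
}
```

A row with `PageMatch` set to False still deserves review: the page ties its MD5 values to `file.exe`, not to the two file names, so a differing hash does not clear a file found at either path.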
