BKDR_RARSTONE.A
BKDR_RARSTONE.A is an extremely dangerous Remote Access Trojan, or RAT for short. These kinds of malware infections install a backdoor on the victim's computer that can then be used by criminals to control the infected computer from an outside position. Using a backdoor, which is an unauthorized opening, criminals can then use the BKDR_RARSTONE.A to command the compromised computer from an outside place. Using this level of control, criminals can steal data from the infected computer, force it to download and install other malware, delete the infected machine's contents or spy on the victim's online activity so BKDR_RARSTONE.A can access passwords and sensitive banking information. BKDR_RARSTONE.A uses an advanced technique that allows BKDR_RARSTONE.A to hide its malicious code with advanced encryption and loading malicious executable files directly into the infected computer's memory without needing to install a malicious executable file that can be detected and blocked by security software.
Table of Contents
The Dangerous BKDR_RARSTONE.A Remote Access Trojan
Apart from its advanced capabilities listed above, BKDR_RARSTONE.A has other ways of bypassing security software and making it difficult for PC security researchers to study its attack. BKDR_RARSTONE.A spreads through malicious DOC files contained in targeted, malicious email messages. Once installed, BKDR_RARSTONE.A injects its malicious code into a hidden Internet Explorer memory process. This malicious code downloads a dangerous DLL file which allows this malware infection to connect to a Command and Control website in order to get instructions from the cybercrooks behind this attack.
BKDR_RARSTONE.A can be used to carry out several malicious tasks on the infected computer. BKDR_RARSTONE.A allows criminals to analyze the contents of the infected computer, download and upload files and change system settings. One particularly vicious capability of the BKDR_RARSTONE.A RAT is its ability to allow criminals to uninstall applications on the victim's computer. This feature can be used by criminals to uninstall security software installed on the infected machine. Another unique feature of BKDR_RARSTONE.A is that BKDR_RARSTONE.A communicates with its command and control server using SSL. This makes its communications secure due to encryption while at the same time being harder to intercept due to the fact that they blend with regular network traffic.
SpyHunter Detects & Remove BKDR_RARSTONE.A
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | iExplorer.exe1 | ebb28877ab3edc32ff3c9c3e1a2382f1 | 0 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.