Hydraq

By ZulaZuza in Trojans

Translate To:

Hydraq is a harmful Trojan with the ability to open a backdoor on a compromised system, giving attackers unauthorized access to the system. Hydraq was put in the spotlight when it conducted an attack on the Gmail accounts of human rights activists that were involved in China rights issues. Hydraq typically spreads via e-mail in the form of an attachment, or it enters a system through the exploitation of known system vulnerabilities. Hydraq may also modify the registry to ensure that it is executed each time a system is started up.

Once inside a system, Hydraq will allow attackers to do the following malicious activities: delete or create registry keys, modify files, restart or shut down a computer, modify token privileges, delete all system event logs, etc. Hydraq is registered as the system service RaS[four arbitrary characters]. Hydraq also creates an "ImagePath" value that always begins with svchost.exe. By adding its service name to the list of service names stored in the "netsvcs" value of the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost, the existence of Hydraq will be known to svchost.exe and it will be loaded. Hydraq should be removed with a reliable security tool immediately after detection.

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Hydraq

1 Comment

Submit Comment

Related Posts

TROJ_HYDRAQ.E

Trojan.Hydraq!gen1

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen