Backdoor.Oblivion

Posted: March 28, 2006

This RAT application was designed to get unauthorized remote access to victim's PC. Several variants appeared from September 2001 to March 2004 but all of them have the same RAT abilities. When run, it copies itself as WindowsipLoader32.exe and runs each time Windows starts. It allows the intruder to connect using a "server" on the infected machine via a "clien" on his own PC.

File System Modifications

The following files were created in the system:

# File Name

1 backdoor.oblivion.011.exe

2 cdrwin4.rar

3 dll32.com

4 f270b0b7.exe

#	File Name
1	backdoor.oblivion.011.exe
2	cdrwin4.rar
3	dll32.com
4	f270b0b7.exe

Backdoor.Oblivion

File System Modifications

Leave a Reply