
Malpayo

Posted: March 28, 2006

Malpayo is a backdoor that gives the attacker unauthorized remote access to a compromised PC. It allows the intruder to download and upload arbitrary files and to collect computer and network information. Malpayo includes an integrated keylogger that records all user keystrokes and sends them to the attacker. The backdoor runs on every Windows startup.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 sys.exe

Registry Modifications

  • The following Registry values were created:
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\System=%System%\sys.exe