Packed.Win32.Katusha.o
Packed.Win32.Katusha.o is a malicious Trojan which poses a severe threat to a compromised system. Packed.Win32.Katusha.o uses an IRC server to download corrupt files to the computer. Once active, Packed.Win32.Katusha.o will run each time the system is started up after infiltrating the registry. Remove Packed.Win32.Katusha.o immediately once detected.
Aliases
Backdoor.Win32.Cetorp
packed with: PE_Patch.UPX
packed with: PE_Patch.UPX
File System Modifications
- The following files were created in the system:
# File Name 1 hdyk.exe 2 secupdat.dat
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]HKEY..\..\..\..{RegistryKeys}MSConfig = "%UserProfile%\hdyk.exe \u"
i found a new name for this trojan on my system
the name is BKF.exe
thanx