
Backdoor.Cycbot.A

Posted: December 27, 2011

Threat Metric

Threat Level: 6/10
Infected PCs: 6,232
First Seen: November 30, 2010
Last Seen: June 23, 2023
OS(es) Affected: Windows

Backdoor.Cycbot.A is a backdoor Trojan that opens a back door on the infected computer system. It may spread via malicious downloads and content on the web. It may also contact a malicious server, report which version of itself is running, and download updates. Backdoor.Cycbot.A may control its victim's activity on popular websites, such as search engines, social networks, e-commerce and video websites. It also uses a random number to select which server to report back to and may use a specific user-agent string to mark itself. Backdoor.Cycbot.A can download and execute arbitrary files, and upload and delete files. Get rid of Backdoor.Cycbot.A immediately after detection.

Aliases

Trj/KillFiles.BF [Panda]
SHeur3.BBZH [AVG]
W32/Swisyn.ALXY!tr [Fortinet]
Backdoor.Win32.Goolbot [Ikarus]
Win-Trojan/Downloader.77312.V [AhnLab-V3]
Trojan/Win32.Swisyn.gen [Antiy-AVL]
Win32/Swisyn.CB [eTrust-Vet]
TR/Swisyn.alxy.2 [AntiVir]
Trojan.DownLoader1.23379 [DrWeb]
Trojan.Generic.4806317 [BitDefender]
Trojan.Win32.Swisyn.alxy [Kaspersky]
Backdoor.Cycbot [Symantec]
W32/Trojan3.CAQ [F-Prot]
Generic.dx!ulb [McAfee]
Cryptic.BKE [AVG]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



