Home Malware Programs Backdoors Backdoor.Jabeefit


Posted: April 25, 2013

Threat Metric

Threat Level: 5/10
Infected PCs: 54
First Seen: April 25, 2013
OS(es) Affected: Windows

Backdoor.Jabeefit is a Trojan that opens a back door and steals information from the affected computer. When Backdoor.Jabeefit is executed, it creates a copy of itself to the specific locations of the compromised PC. Backdoor.Jabeefit then adds the malevolent files. Backdoor.Jabeefit creates the registry entry so that it can run automatically every time Windows is started. Backdoor.Jabeefit then opens a back door on the infected computer, and connects to the specific URL. Backdoor.Jabeefit creates new processes, stops processes and downloads files on the attacked PC. Backdoor.Jabeefit then modifies a Java code in online banking programs in order to steal personal information from victimized PC users.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%UserProfile%\Application Data\BIFIT_A\javassist.jar File name: %UserProfile%\Application Data\BIFIT_A\javassist.jar
Mime Type: unknown/jar
Group: Malware file
%UserProfile%\Application Data\BIFIT_A\bifit_agent.jar File name: %UserProfile%\Application Data\BIFIT_A\bifit_agent.jar
Mime Type: unknown/jar
Group: Malware file
%UserProfile%\Application Data\BIFIT_A\bifit_a.cfg File name: %UserProfile%\Application Data\BIFIT_A\bifit_a.cfg
Mime Type: unknown/cfg
Group: Malware file

Additional Information

The following URL's were detected: