Home Malware Programs Backdoors Backdoor.Outflare

Backdoor.Outflare

Posted: March 1, 2013

Threat Metric

Ranking: 2,097
Threat Level: 2/10
Infected PCs: 41,153
First Seen: March 1, 2013
Last Seen: October 15, 2023
OS(es) Affected: Windows

Backdoor.Outflare is a backdoor Trojan that opens a back door on the targeted computer. Backdoor.Outflare may also use the corrupted PC to perform DDoS attacks. When Backdoor.Outflare is executed, it creates a potentially malicious file. Backdoor.Outflare then creates the registry entry so that it loads automatically every time you start Windows. Backdoor.Outflare may insert itself into one of the legitimate processes such as rundll32.exe and iexplore.exe. Backdoor.Outflare may use one or more URLs to test connectivity. Backdoor.Outflare opens a back door on the victimized computer and connects to one of the URLs in order to receive commands.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%UserProfile%\Application Data\[RANDOM CHARACTERS FILE NAME].exe File name: %UserProfile%\Application Data\[RANDOM CHARACTERS FILE NAME].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Microsoft Windows Application" = "%UserProfile%\Application Data\[RANDOM CHARACTERS FILE NAME].exe"

Additional Information

The following URL's were detected:
matrixstar.net
Loading...