Home Malware Programs Backdoors Backdoor:Win32/Bdaejec.B

Backdoor:Win32/Bdaejec.B

Posted: October 11, 2013

Threat Metric

Ranking: 14,752
Threat Level: 2/10
Infected PCs: 105
First Seen: October 11, 2013
Last Seen: August 14, 2023
OS(es) Affected: Windows

Backdoor:Win32/Bdaejec.B is a backdoor Trojan that allows an attacker to gain unauthorized access and control of the PC. Once installed on the computer, Backdoor:Win32/Bdaejec.B creates the potentially malicious files. Backdoor:Win32/Bdaejec.B modifies system security settings by adding itself to the list of applications that are authorized to access the Internet without being blocked by the Firewall. Backdoor:Win32/Bdaejec.B does this by making the registry modifications. An attacker can execute numerous different actions using Backdoor:Win32/Bdaejec.B such as download, upload run and delete files, log keystrokes or steal personal data, proliferate to other computers using a variety of circulation methods, run or terminate applications, alter system settings and other.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



C:\Documents and Settings\<username>\local settings\temp\qd.ini File name: C:\Documents and Settings\<username>\local settings\temp\qd.ini
Mime Type: unknown/ini
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\{Value}HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List "[malware file].exe" = "[malware file].exe:*:enabled:qvod"

Additional Information

The following URL's were detected:
gretzlad.com
Loading...