Home Malware Programs Backdoors Backdoor:Win32/Blohi.B

Backdoor:Win32/Blohi.B

Posted: December 28, 2012

Threat Metric

Threat Level: 6/10
Infected PCs: 4
First Seen: December 28, 2012
OS(es) Affected: Windows

Backdoor:Win32/Blohi.B is a spyware program that specializes in the theft of confidential information for Korean PC users, particularly as Backdoor:Win32/Blohi.B pertains to popular card game programs for that country. Although Backdoor:Win32/Blohi.B's distribution is mostly a concern for PC users in South Korea, the major functions that Backdoor:Win32/Blohi.B uses to harm your computer's security and privacy are effective against most Windows PCs, and SpywareRemovbe.com malware experts also recommend removing Backdoor:Win32/Blohi.B quickly and with suitable anti-malware tools. Failure to react to a Backdoor:Win32/Blohi.B infection promptly can result in the loss of credit card information and other confidential data that may be exploited for criminal profits.

Backdoor:Win32/Blohi.B: Dealing You a Bad Hand in Any Way It Can

Backdoor:Win32/Blohi.B is one of several recent examples of spyware programs that have been noted for their focus on monitoring digital card games that are popular in South Korea. Programs that Backdoor:Win32/Blohi.B may monitor for the theft of your personal information include:

  • baduki.exe
  • duelpoker.exe
  • FRN.exe
  • highlow2.exe
  • HOOLA3.exe
  • LASPOKER.EXE
  • poker7.exe

However, Backdoor:Win32/Blohi.B's attacks aren't limited to monitoring the above programs. Backdoor:Win32/Blohi.B also may record your keystrokes (keylogging), capture screenshots of your monitor's display, use a backdoor function to conduct further attacks and cause 'Blue Screen of Death' style crashes. These attacks are effective against the majority of Windows computers and allow Backdoor:Win32/Blohi.B to steal confidential data such as passwords, account names, credit card numbers and other information that could be used to turn a profit for Backdoor:Win32/Blohi.B's criminal coders.

SpywareRemove.com malware analysts further note that Backdoor:Win32/Blohi.B's backdoor functions allow Backdoor:Win32/Blohi.B to install other PC threats, including those that are even more serious than itself. Backdoor functions by Backdoor:Win32/Blohi.B also may be used to control your computer by terminating certain programs, concealing files or changing system settings to reduce your PC's security.

Taking Backdoor:Win32/Blohi.B Out of Your Deck

Backdoor:Win32/Blohi.B is distributed through installers for popular pirated gaming applications, such as the beloved indie title 'Plants Versus Zombies.' Avoiding software installers from disreputable sources and, in particular, taking care to avoid installing illegal software should be your first defenses against any potential Backdoor:Win32/Blohi.B infection. Naturally, the bulk of Backdoor:Win32/Blohi.B infections have been reported in Korea, but trace evidence of Backdoor:Win32/Blohi.B also has been found in PCs in other countries, particularly the United States. Of course, attacks like keylogging will harm your PC's privacy regardless of where it's located.

Backdoor:Win32/Blohi.B also may be identified by the aliases of W32/VBTroj.KBWM, Trojan.ADH.2 or Win32/VB.QIK (the first and last labels designated according to Backdoor:Win32/Blohi.B's nature as a Visual Basic program). SpywareRemove.com malware experts advise against using anything other than suitable anti-malware utilities for removing Backdoor:Win32/Blohi.B, which will not display symptoms of its presence and may try to resist being deleted by normal methods.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



Project.dat File name: Project.dat
Size: 466.94 KB (466945 bytes)
MD5: 3fe5d8db697c9c2e123b830f36224816
Detection count: 87
Mime Type: unknown/dat
Group: Malware file
Last Updated: January 7, 2013
Server(1).exe File name: Server(1).exe
Size: 466.94 KB (466945 bytes)
MD5: 7e5e2c6dc85a78be00071bf2ea816809
Detection count: 86
Mime Type: unknown/exe
Group: Malware file
Last Updated: January 7, 2013
C__Documents and Settings_차상현_Local S File name: C__Documents and Settings_차상현_Local S
Size: 669.97 KB (669971 bytes)
MD5: 336a057dbc314f886c02aa9b0cd3ecea
Detection count: 76
Group: Malware file
Last Updated: January 7, 2013
Server.exe File name: Server.exe
Size: 225.57 KB (225571 bytes)
MD5: ac1252cb0a80bfdf1e502599e7b68e24
Detection count: 74
Mime Type: unknown/exe
Group: Malware file
Last Updated: January 7, 2013
sdfsdf.exe File name: sdfsdf.exe
Size: 225.54 KB (225547 bytes)
MD5: 16ff3d13debbf82a27463c1eac15c61a
Detection count: 70
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: January 7, 2013
Loading...