Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

TROJAN.INJECT.BDQP

 

 

 

Name:

Trojan.Inject.bdqp

Added:

September 14, 2011

Type:

Trojan

Risk:

Low

Payload:

N/A

At risk systems:

Windows 95/98/ME/XP/NT/2003

 

 

Description:

 

When Trojan.Inject.bdqp is executed, it performs the following activities:

After execution, it drops the folowing files:

%Systemroot%\aadrive32.exe
%Appdata%\Muqeqq.exe
%systemdrive%\RECYCLER\{Recycle Bin CLSID}\acleaner.exe
%Userprofile%\nfh.exe
%Temporary Internet Files%\Content.IE5\{Random alpha numeric}\khara[1].exe
%Temporary Internet Files%\Content.IE5\{Random alpha numeric}\desktop.ini

It creates/modifies the following registry entries:

Taskman = "%systemdrive%\RECYCLER\{Recycle Bin CLSID}\acleaner.exe"
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

Muqeqq = "%Appdata%\Muqeqq.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

This infection has rootkit functionality keeping "%Appdata%\Muqeqq.exe" hidden and hooking some user mode functions.

 

 

 

 

 

 

 
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Malware problems?
We can help.

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Evaluate Thirtyseven4 Antivirus Now

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 - Industry Leading Endpoint Security Solution

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4