Backdoor.WinCE.Brador.a

tag:Backdoors

0 0

Brador.a is a backdoor (a utility allowing for remote administration of the infected machine) for PocketPC based on Windows CE and newer version of Windows Mobile.

It is written in ASM for ARM-processors and is 5632 bytes in size.

After Brador is launched it creates an svchost.exe file in the /Windows/StartUp/ folder, thus gaining full control over the handheld every time it is restarted.

Brador identifies the IP address of the infected handheld and sends it to the remote malicious user to inform him that the handheld is connected to the Internet and that the backdoor is active. Brador then opens port 2989 and awaits further orders.

The backdoor responds to the following commands:

d - lists the directory contents f - closes the session g - uploads a file m - displays MessageBox p - downloads a file r - executes the specified command

previous:Backdoor.Win32.Zomby.b
previous:Backdoor.win32.Small.cz

Virus Source from:

New articles

TROJ_ARTIEF.SMThis Trojan exploits the RTF Stack Overflow vulnerability to drop and execute TROJ_INJECT.ART. This Trojan may be unknowingly downloaded by a user while visi...ANDROIDOS_GEINIMI.AThis backdoor may be unknowingly downloaded by a user while visiting malicious websites. Backdoor Routine This backdoor executes the following commands from...P2P-Worm.Win32.BlackControl.gThe malicious program intercepts the user’s requests to various sites and redirects them to a malicious URL. It also contains a tool for sending phishin...Backdoor.Win32.Bredolab.euaA malicious program that receives commands from a management server to download other malware to a computer. To ensure that it is launched automatically when t...Backdoor.Farfli.ABCommonly it commes as an installer so it can drop several files, detected by Bitdefender as adware (Adware.Cinmus) or tojan-downloaders.It modifies the memory o...

Hot Articles

Backdoor.WinCE.Brador.a

Computer Virus Clounds