Skip to content

91 results in Threat Encyclopedia: “BKDR_PLUGX”
Showing Results : 1 - 10
      NextNext Page
...a user's keystrokes to steal information. Arrival DetailsThis backdoor may be dropped by the following malware: BKDR_PLUGX.SMEInstallationThis backdoor drops the following files: All Users' %User Profile%\Gf\boot.ldr - detected...
...doc%Application Data%\{random letter}{random digits}{random letter}\mpsvc.dll - also detected as BKDR_PLUGX.TOK(Note: %Application Data% is the current user's Application Data folder, which is usually C:\Documents...
...files: %All Users Profile%\DRM\DSSM\DSSM.exe%All Users Profile%\DRM\DSSM\MSO.dll -detected as BKDR_PLUGX.DUKLS%All Users Profile%\DRM\DSSM\{random}(Note: %All Users Profile% is the All Users folder, where...
...CommFunc.dll - detected as BKDR_PLUGX.DO%User Temp%\CommFunc.jax - detected as BKDR_PLUGX.DO%All Users Profile%\Camera...Camera\CommFunc.dll - detected as BKDR_PLUGX.DO %All Users Profile%\Camera...
...following files: %User Temp%\tmp2B.tmp - detected as BKDR_PLUGX.ZTBL-EC, executable image, will be deleted%User...and deleted%User Temp%\tmp2D.tmp - detected as BKDR_PLUGX.ZTBL-EC, dll image, will be deleted%Application...
...Temp%\RarSFX0\NvSmartMax.dll - also detected as BKDR_PLUGX.CA%User Temp%\RarSFX0\Nv.exe %System...System%\NvSmartMax.dll - (hidden) also detected as BKDR_PLUGX.CA%System%\Nv.exe - (hidden)(Note: %User...
...Profile%\DRM\EPWING\McUtil.dll - detected also as BKDR_PLUGX.GEL %All Users Profile%\DRM\EPWING\McUtil.dll.ping - detected also as BKDR_PLUGX.GEL %All Users Profile%\DRM\EPWING\{random...
...Temp%\RarSFX0\NvSmartMax.dll - also detected as BKDR_PLUGX.BT%User Temp%\RarSFX0\Nv.exe - deleted afterwards...Profile%\SxS\NvSmartMax.dll - also detected as BKDR_PLUGX.BT%All Users Profile%\SxS\Nv.exe%All Users...
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.It uses the default Windows folder icon to trick users into opening the file.

Connect with us on