BackDoor-DKG

Type: Trojan
SubType: Remote Access
Discovery Date: 12/05/2006
Length: varies
Minimum DAT: 4911 (12/05/2006)
Updated DAT: 6546 (11/30/2011)
Minimum Engine: 5.1.00
Description Added: 12/05/2006
Description Modified: 08/21/2007 8:33 AM (PT)
Risk Assessment:
  • Corporate User: Low
  • Home User: Low

Characteristics

This description is for the server component of BackDoor-DKG.cfg. The characteristics of this Trojan, such as file names, will differ from one version to another.

Once the server component is run on the victim machine, the attacker is able to connect to and administer that machine.

Symptoms

  • Unusual/unexpected ports open on machine.
  • Unexpected termination of Services and Processes.

Method of Infection

Trojans do not self-replicate and require manual intervention in order to "spread". This Trojan may be delivered by email or an infectious webpage.

Removal

A combination of the latest DATs and the Engine will be able to detect and remove this threat. AVERT recommends that users not trust seemingly familiar or safe file icons, particularly when received via P2P clients, IRC, email or other media where users can share files.

Variants

    N/A

Aliases

  • Backdoor.Win32.VB.bax (Kaspersky)
