Backdoor.MSIL.Degestask.A
TSL ID TSL20170213-01
Severity High
Description

Backdoor.MSIL.Degestask.A is a backdoor that targets the Windows platform. The malware contacts a remote server and accepts various commands from that server that direct it to perform UDP hole punching, turn the webcam on or off and send the current video frame to the remote server, take control of the mouse, start or stop voice recording, download a file, list running antivirus products, kill running processes, capture keystrokes on the infected machine, execute NirCmd commands on the infected machine, delete files and directories, take screenshots, execute shell commands on the infected machine and send the results back to the remote server, and more.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 9F3E357BF5250DFC97A0801C18754F9F
SHA1:
  • 7074C408ACC189CCF75C291F777C2D0EC26C78C7
Identifiers
McAfee
  • ARTEMIS!9F3E357BF525
Symantec
  • TROJAN.GEN.2
TrendMicro
AegisLab
  • VIRUS.MALWARE.PVTK!C
AVG
  • MSIL11.CPV
Avira
  • TR/AGENT.LTSQG
BitDefender
  • GENERIC.MALWARE.PVTK.2A3E2847
Cyren
  • W32/TROJAN.UUOP-6277
ESET
  • MSIL/AGENT.APQ
NANO-Antivirus
  • TROJAN.WIN32.AGENT.EJZBHJ
Rising
  • TROJAN.AGENT!8.B1E-ABCNDG8BH2K
Tencent
  • WIN32.TROJAN.FALSESIGN.HVJI
Yandex
  • TROJAN.AGENT!N5CAKOPPKCY
Zillya
  • TROJAN.AGENT.WIN32.740510
References
  • http://www.virusradar.com/en/MSIL_Agent.APQ/description