Backdoor.MSIL.Rodiversup.A
TSL ID: TSL20170614-03
Severity: High
Description

Backdoor.MSIL.Rodiversup.A is a backdoor that targets the Windows platform. The malware identifies itself to a remote server and accepts various commands. The supported commands allow execution of shell commands on the infected machine, upload and download of a file, taking screenshots of the infected machine, and showing a message box. The malware also creates a Run key registry entry and a startup shortcut link to achieve persistence on the infected machine.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 10350D86AF03C2C8E43B04DEF5520776
SHA1:
  • 11FDB685C46F6A608DCEB16AEDC8188262B64C6E
Identifiers
TrendMicro
ESET
  • MSIL/AGENT.AWI
References
  • http://www.virusradar.com/en/MSIL_Agent.AWI/description