Backdoor.MSIL.TPDShell.B
TSL ID TSL20170811-03
Severity High
Description

Backdoor.MSIL.TPDShell.B is a backdoor that targets the Windows platform. This malware downloads and installs the Tor (The Onion Router) client and configures it to create a "hidden service" on the local system. The local system's hidden service address is then sent to a remote controller. A shell is spawned once a user attempts to access the bound hidden service port. Additionally, this backdoor supports commands to drop and execute additional files.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 30202547269A90A8FDF3FE6727AB7F2F
SHA1:
  • F0AE41D84E9CD9A413D277FED88D47F74673D231
Identifiers
Kaspersky
  • DOWNLOADER.WIN32.BLOADER.DK
McAfee
  • ARTEMIS!30202547269A
TrendMicro
Arcabit
  • TROJAN.RAZY.D257EF
Baidu
  • WIN32.TROJAN.WISDOMEYES.16070401.9500.9750
BitDefender
  • GEN:VARIANT.RAZY.153583
Qihoo-360
  • WIN32/TROJAN.7CB
Related Threats TSL20170209-06 - Backdoor.MSIL.TPDShell.A