TSL ID TSL20170908-02
Severity High

Backdoor.Python.DrukSkript.A is a Backdoor written in the Python scripting language, that targets the Windows platform. In addition to backdoor functionality, this malware also spreads (I.E. copies itself) to other Python files, effectively creating a worm. The script uses the HTTP protocol to download a series of commands that can download files, execute shell commands and initialize the spreading mechanism. This script copies itself to the local user's startup directory. During the time of research this script was FUD.

Affected Products
  • Microsoft Windows All Versions
File Hashes
  • 5D00A677DC05A33D8A6EE85489F8E8C0
  • CC4604AB02A3F5C4B08B43B3F994ADBD1FA264E0
Related Threats TSL20170929-01 - Backdoor.Python.DrukSkript.B