Bird_banner_small4
Backdoor.MSIL.VeenikDoor.A
TSL ID TSL20171010-02
Severity High
Description

Backdoor.MSIL.VeenikDoor.A is a Backdoor that targets the Windows platform. This malware acts as a backdoor on the target system, allowing a remote controller to send any commands to it including the functionality to download executable files. Additionally, system information is gathered and transmitted to a control server using HTTP, effectively marking the infection. In order to maintain persistence, the malware copies itself to the user's Startup directory.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 3A722F6C137B5D39A37B33827777678F
SHA1:
  • E1202B14CA5D81B20E52F47FCB441AD7B23711CA
Identifiers
TrendMicro
Arcabit
  • TROJAN.GENERIC.DBE0167
Avira
  • TR/DLDR.AGENT.BWOJU
Baidu
  • WIN32.TROJAN.WISDOMEYES.16070401.9500.9982
BitDefender
  • TROJAN.GENERICKD.12452199
Cyren
  • W32/TROJAN.AIXD-0433
DrWeb
  • TROJAN.DOWNLOADER25.41832
ESET-NOD32
  • MSIL/AGENT.BDQ
Jiangmin
  • TROJANDOWNLOADER.GENERIC.AXJK
NANO-Antivirus
  • TROJAN.WIN32.MLW.ETERZZ
Tencent
  • WIN32.TROJAN-DOWNLOADER.GENERIC.LLHI
Yandex
  • TROJAN.AGENT!WPMCUACM4IU
References http://www.virusradar.com/en/MSIL_Agent.BDQ/description
Related Threats