Backdoor.MSIL.Arcdoor.AL
TSL ID: TSL20171128-02
Severity: High
Description

Backdoor.MSIL.Arcdoor.AL is a backdoor that targets the Windows platform. This malware identifies itself to a remote server and accepts various commands to perform nefarious activities on the infected machine. The supported commands allow it to execute shell/PowerShell commands, take screenshots, download/execute files, open URLs, update/uninstall itself, and many more. Moreover, the malware tries to create a Run key registry entry to survive system reboots.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • ABD3F5E597B6DD4DA61D724DCD148289
SHA1:
  • BFD399BE742714099E0BC0D17568CC365DDE39D6
Identifiers
Kaspersky
  • TROJAN-RANSOM.WIN32.PORNOASSET.DBLQ
McAfee
  • ARTEMIS!ABD3F5E597B6
Microsoft Malware Protection Center
Sophos
  • MAL/MSIL-BA
TrendMicro
AegisLab
  • TROJ.W32.GEN.MCEJ
Arcabit
  • TROJAN.MSILPERSEUS.DA1E
Avast
  • MSIL:DOWNLOADER-GA
Baidu
  • WIN32.TROJAN.WISDOMEYES.16070401.9500.9999
BitDefender
  • GEN:VARIANT.MSILPERSEUS.2590
CAT-QuickHeal
  • TROJAN.CRYPT.FC.2317
Cyren
  • W32/TROJAN.QILE-1986
Emsisoft
  • MALWARE.GENERIC.CN1
ESET-NOD32
  • MSIL/ARCDOOR.AL
Fortinet
  • MSIL/ARCDOOR.AL!WORM
Qihoo-360
  • WIN32/TROJAN.DOWNLOADER.D10
Tencent
  • WIN32.TROJAN.PORNOASSET.LQOP