Backdoor.MSIL.Badazamh.A
TSL ID TSL20180205-03
Severity High
Description

Backdoor.MSIL.Badazamh.A is a backdoor that targets the Windows platform. It collects system information and sends it to a remote server. It communicates with its C&C server and receives commands. The supported commands allow the malware to copy, move, and delete files, get file details, download and upload files, record audio, capture screen snapshots, steal the user's Chrome login credentials, execute shell commands and send back the results, and more.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 7C05F71D77AFE5BEE4DE15EE8CDFAA00
SHA1:
  • 2135F3972D5089C2E348B8875640F299274D2772
Identifiers
TrendMicro
Arcabit
  • TROJAN.MSILPERSEUS.D206A7
Avira
  • TR/AGENT.BMJUV
BitDefender
  • GEN:VARIANT.MSILPERSEUS.132775
Cybereason
  • MALICIOUS.D77AFE
Cyren
  • W32/TROJAN.ISVX-6725
ESET
  • MSIL/AGENT.BDM
NANO-Antivirus
  • TROJAN.WIN32.MSILPERSEUS.EWOGKY
Qihoo-360
  • WIN32/TROJAN.1B4
Tencent
  • MSIL.TROJAN.MSILPERSEUS.AHER
References
  • http://www.virusradar.com/en/MSIL_Agent.BDM/description