Alerts

Backdoor.Hamweq.A

The virus starts by decryipting a part of its code in order to resolve its imports.

When that is done it searches for the process svchost.exe, injects in it and creates the mutex asd..6567fj.

After the virus code has been injected it checks if it runs from C:RecyclerD-1-5-21-1482476501-1644491937-682003330-1013autorun.exe and if doesn’t it copies to that location. It then creates two threads.

For more information, symptoms and removal instructions click here .

About the author

Bitdefender

We're a sublime alloy of intelligence, strength and willpower. We have the sharp mind of the wolf and the sleekness of the dragon, the vigilance of the alpha-male and the indestructibility of the snake's body. We are a unique combination of symbols that fight on Good's side.

Add Comment

Click here to post a comment

Your email address will not be published. Required fields are marked *