This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects Backdoor.Miniduke activity on compromised system.
When the Trojan is executed, it creates the following files:
%UserProfile%\Local Settings\Temporary Internet Files\eu_advisory.pdf
%AllUsersProfile%\Application Data\Adobe\[FILE NAME].[EXT]
Note: [FILE NAME] is variable and subject to change. Example names include the following:
Note: [EXT] is variable and subject to change. Example names include the following:
The Trojan creates the following file so that it runs every time Windows starts:
%UserProfile%\Start Menu\Programs\Startup\[FILE SHORTCUT].lnk
- Various windows platforms