This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects the network activity generated by Backdoor.Qadars.
When the Trojan is executed, it creates the following files:
%User Profile%\Application Data\Microsoft\AddIns\mudemqk.exe
%Windir%\Tasks\[32 RANDOM HEXADECIMAL CHARACTERS].job
The Trojan then opens a back door on the compromised computer, allowing an attacker to perform the following actions:
Gather information from the computer, including data on the installed operating system, hardware and software
Perform man-in-the-browser attacks
Steal certificates and credentials
Update the Trojan
Restart the computer
Uninstall the Trojan
The Trojan may also try to trick the user into installing malware on their mobile device.