1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: Backdoor.Qadars Activity 3

System Infected: Backdoor.Qadars Activity 3

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects the network activity generated by Backdoor.Qadars.

Additional Information

When the Trojan is executed, it creates the following files:

%User Profile%\Application Data\Microsoft\AddIns\mudemqk.exe

The Trojan then opens a back door on the compromised computer, allowing an attacker to perform the following actions:

Gather information from the computer, including data on the installed operating system, hardware and software
Perform man-in-the-browser attacks
Steal certificates and credentials
Manipulate cookies
Download files
Update the Trojan
Restart the computer
Uninstall the Trojan

The Trojan may also try to trick the user into installing malware on their mobile device.


  • Windows
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube