1. Symantec/
  2. Security Response/
  3. Backdoor.Hale


Risk Level 1: Very Low

August 5, 2003
February 13, 2007 12:04:38 PM
Also Known As:
BackDoor-ATM.dr [McAfee]
Trojan Horse
Systems Affected:

Backdoor.Hale is a package of programs that provide backdoor access to an infected computer. This threat includes a Backdoor Trojan detected as Backdoor.Padmin, an FTP server, and various system utilities.

The existence of a C:\Winnt\System32\Qossrv folder is an indication of a possible infection. Some variants use C:\Winnt\System32\Dhcp instead, but this folder may be present on uninfected computers.

There have been reports that this threat is distributed by exploiting the DCOM RPC vulnerability, described in Microsoft Security Bulletin MS03-026. University domains have been heavily targeted.

Antivirus Protection Dates

  • Initial Rapid Release version August 6, 2003
  • Latest Rapid Release version August 8, 2016 revision 023
  • Initial Daily Certified version August 6, 2003
  • Latest Daily Certified version August 9, 2016 revision 001
  • Initial Weekly Certified release date August 6, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Heather Shannon

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube