Selected viruses, spyware, and other threats: sorted alphabetically
Short descriptionWin32/Otlard.A installs a backdoor that can be controlled remotely.
InstallationThe trojan does not create any copies of itself.
The following file is dropped into the %system%drivers folder:
- %variable%.sys (17376 B)
- %system%drivers%variable%.sys, %variable%
After the installation is complete, the trojan deletes the original executable file.
Other informationThe trojan serves as a backdoor. It can be controlled remotely.
The trojan acquires data and commands from a remote computer or the Internet.
The trojan contains a list of 6 URLs. It tries to download several files from the addresses. The HTTP protocol is used.
The files are then executed.
The trojan creates and runs a new thread with its own program code within the following processes:
"Randseed_1" = %hex_value%
"Randseed_2" = %hex_value%