Malware City/Blog/

Jun

25

Filed Under:

VIRUSES DESCRIPTIONS

Backdoor.Hamweq.A

25 June 2008

The virus starts by decryipting a part of its code in order to resolve its imports.

When that is done it searches for the process svchost.exe, injects in it and creates the mutex asd..6567fj.

After the virus code has been injected it checks if it runs from C:RecyclerD-1-5-21-1482476501-1644491937-682003330-1013autorun.exe and if doesn't it copies to that location. It then creates two threads.

For more information, symptoms and removal instructions click here .

RELATED INFO:
VIRUSES DESCRIPTIONS

Tweet

Comment on this

CITY SELECTOR:
English

MEET THE OFFICIALS
OF MALWARE CITY
SEE THE AUTHORS

Calendar

Search the City

Follow us on

TWITTER FACEBOOK RSS FEED

Like us on Facebook

GET THE LATEST NEWS SUBSCRIBE TO OUR NEWSLETTER

CITIZEN PETITIONS SEND US YOUR FEEDBACK

Browse
Blog
News
Forum

Toolbox
QuickScan
OnlineScan
Dictionary
Virus Encyclopedia
Fan Zone

Malware City
About
Contact
Privacy Policy
Site Map

Bitdefender is a worldwide trusted security solution provider

Mo	Tu	We	Th	Fr	Sa	Su
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29
« Jan		Feb			Mar »

Malware City/Blog/

Backdoor.Hamweq.A

Comment on this

Calendar

Search the City

Categories

MISCELLANEOUS

WEEKLY REVIEW

Mal'art

VIRUSES DESCRIPTIONS

CONTEST

PHISHING ALERT

MALWARE HISTORY

HOW TO....

BOTNETS

SPAM

ALERTS

BitDefender Technology Videos

SPAM REVIEW

VULNERABILITIES

Q&A - From The Labs

TECHNOLOGY TRENDS

SOCIAL NETWORKS

HACKING

MALWARE

MOBILE

Tags

Follow us on

Like us on Facebook

Malware City/Blog/

Backdoor.Hamweq.A

Related

Comment on this

Calendar

Search the City

Categories

Tags

Follow us on

Like us on Facebook