Bitdefender @Bitdefender

Backdoor.Hamweq.A

June 25, 2008

1 Min Read

The virus starts by decryipting a part of its code in order to resolve its imports.

When that is done it searches for the process svchost.exe, injects in it and creates the mutex asd..6567fj.

After the virus code has been injected it checks if it runs from C:RecyclerD-1-5-21-1482476501-1644491937-682003330-1013autorun.exe and if doesn’t it copies to that location. It then creates two threads.

For more information, symptoms and removal instructions click here .

Tagsbackdoor code hamweq starts virus

About the author

View All Posts

Bitdefender

We're a sublime alloy of intelligence, strength and willpower. We have the sharp mind of the wolf and the sleekness of the dragon, the vigilance of the alpha-male and the indestructibility of the snake's body. We are a unique combination of symbols that fight on Good's side.

M	T	W	T	F	S	S
« Jun
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31

The Safe Nomad (2). Vanessa Jater, Colombia, and her one month crash-course in everything

The Safe Nomad (1). Karen Maraj, Canada. “I had to make myself lucky.”

The Safe Nomad

The Safe Nomad (2). Vanessa Jater, Colombia, and her one month crash-course in everything

The Safe Nomad (1). Karen Maraj, Canada. “I had to make myself lucky.”

The Safe Nomad

Backdoor.Hamweq.A

About the author

Bitdefender

Add Comment

Cancel reply

Promo

Recent shouts

Time Machine

You may also like

About the author

Bitdefender

Add Comment

Promo

Recent shouts

Time Machine