|
|
Backdoor.WinCE.Brador. Viruses Information
| Name: |
Backdoor.WinCE.Brador. |
| Category: |
Viruses |
| Description:
|
Details
Backdoor.WinCE.Brador.a
Brador.a is a backdoor (a utility allowing for remote administration of the infected machine) for PocketPC based on Windows CE and newer version of Windows Mobile.
It is written in ASM for ARM-processors and is 5632 bytes in size.
After Brador is launched in creates an svchost.exe file in the /Windows/StartUp/ folder, thus gaining full control over the handheld every time it is restarted.
Brador identifies the IP address of the infected handheld and sends it to the virus coder to inform him that the handheld is connected to the Internet and that the backdoor is active. Brador then opens port 2989 and awaits further orders.
The backdoor responds to the following commands:
d - lists the directory contents
f - closes the session
g - uploads a file
m - displays MessageBox
p - downloads a file
r - executes the specified command |
Top Viruses Visited Pages:
Invader. - 231 visits
not-a-virus:RiskWare.Tool.RegPatch. - 69 visits
Worm.P2P.Harex. - 63 visits
not-a-virus:RemoteAdmin.Win32.RAdmin.2 - 55 visits
Small.58. - 55 visits
Coito.64 - 53 visits
I-Worm.Mapson. - 45 visits
Win32.Hidra - 41 visits
Win16.Klon.1177 - 40 visits
Marine.500 - 34 visits
Random Viruses Pages:
MMCA.50
Green.103
MPTI.1536.
Muminki.90
Angel_2 Famil
Macro.Word97.Bo
Aga.300
Waria.47
Tajfu
Win32.Halen.259
|
|
