Backdoor.Khaos

Discussion in 'malware problems & news' started by Randy_Bell, Feb 20, 2003.

Thread Status:
Not open for further replies.
  1. Randy_Bell
    Offline

    Randy_Bell Registered Member

    Symantec Security Response - Backdoor.Khaos

    Backdoor.Khaos is a backdoor Trojan that gives an attacker unauthorized access to your computer. Backdoor.Khaos usually arrives as the file, Server2.exe. By default it opens port 6969 for listening.

    Backdoor.Khaos does not automatically install itself, as some other program usually installs it. As a result, even if Backdoor.Khaos is installed, in most cases, it will no longer run after you restart your computer.

    Backdoor.Khaos is written in Microsoft Visual Basic 5 and it requires that the Visual Basic (VB) run-time libraries be installed on your computer in order for it to execute.

    Also Known As: BKDR_KHAOS.A [Trend], Backdoor.Khaos [KAV], Backdoor.Win32/Khaos [RAV]
    Type: Trojan Horse
    Infection Length: 59,904 bytes [server], 141,824 bytes [client]
    Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me
    Systems Not Affected: Microsoft IIS, Macintosh, OS/2, UNIX, Linux

    (see above link for technical details and removal instructions)
Thread Status:
Not open for further replies.