Home Malware Programs Backdoors AIMVision

AIMVision

Posted: March 28, 2006

AIMVision is a backdoor that gives the attacker unauthorized remote access to a compromised PC.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 qi00tbz.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOTexefileShellOpenCommand(Default)=%System%qi00tbz.exeHKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunbbbb

Related Posts

Loading...