Backdoor.Cycbot.A
Posted: December 27, 2011
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 6/10 |
|---|---|
| Infected PCs: | 6,232 |
| First Seen: | November 30, 2010 |
|---|---|
| Last Seen: | June 23, 2023 |
| OS(es) Affected: | Windows |
Backdoor.Cycbot.A is a backdoor Trojan that opens a back door on the infected computer system. Backdoor.Cycbot.A may spread via malicious downloads and content on the web. Backdoor.Cycbot.A may also contact the malicious server and report back what version of itself is running and may download updates. Backdoor.Cycbot.A may control its victim's activity on popular websites, such as search engines, social networks, e-commerce, video websites, etc. Backdoor.Cycbot.A also uses a random number to select what server to report back to and may use a specific user-agent string to mark itself. Backdoor.Cycbot.A can download and execute arbitrary files, upload and delete files. Get rid of Backdoor.Cycbot.A immediately after detection.
Aliases
Trj/KillFiles.BF [Panda]SHeur3.BBZH [AVG]W32/Swisyn.ALXY!tr [Fortinet]Backdoor.Win32.Goolbot [Ikarus]Win-Trojan/Downloader.77312.V [AhnLab-V3]Trojan/Win32.Swisyn.gen [Antiy-AVL]Win32/Swisyn.CB [eTrust-Vet]TR/Swisyn.alxy.2 [AntiVir]Trojan.DownLoader1.23379 [DrWeb]Trojan.Generic.4806317 [BitDefender]Trojan.Win32.Swisyn.alxy [Kaspersky]Backdoor.Cycbot [Symantec]W32/Trojan3.CAQ [F-Prot]Generic.dx!ulb [McAfee]Cryptic.BKE [AVG]
More aliases (910)
More aliases (910)
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%WINDIR%\andy143.exe
File name: andy143.exeSize: 172.03 KB (172032 bytes)
MD5: 00acbad51d1c87712fef2a59bbd9f749
Detection count: 129
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%
Group: Malware file
Last Updated: December 1, 2010
%APPDATA%\Microsoft\Windows\shell.exe
File name: shell.exeSize: 129.53 KB (129536 bytes)
MD5: fbd7aed3145a59a7ce352b9439fd4857
Detection count: 115
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Microsoft\Windows
Group: Malware file
Last Updated: December 1, 2010
%WINDIR%\system32\printedit.dll
File name: printedit.dllSize: 470.52 KB (470528 bytes)
MD5: 9cb14fff0365220d4ae00f18495e80d5
Detection count: 96
File type: Dynamic link library
Mime Type: unknown/dll
Path: %WINDIR%\system32
Group: Malware file
Last Updated: December 9, 2010
%USERPROFILE%\lkbfmln.exe
File name: lkbfmln.exeSize: 18.43 KB (18432 bytes)
MD5: b180feded7e9ee1aad000f64ff92f6b3
Detection count: 83
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: December 1, 2010
%WINDIR%\System32\DRIVERS\srenum.sys
File name: srenum.sysSize: 47.1 KB (47104 bytes)
MD5: 83c7e2a7add3a7de3e9ef9cc457f7546
Detection count: 70
File type: System file
Mime Type: unknown/sys
Path: %WINDIR%\System32\DRIVERS
Group: Malware file
Last Updated: December 1, 2010
%USERPROFILE%\Start Menu\Programs\Startup\RHCPL.exe
File name: RHCPL.exeSize: 25.6 KB (25600 bytes)
MD5: f1149ee97164d239304fabac6234b8ba
Detection count: 60
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: December 1, 2010
C:\MessengerPlus\IEBrowserEvents.dll
File name: IEBrowserEvents.dllSize: 422.18 KB (422183 bytes)
MD5: 3a2de3fe969bd90072b0ebc626a09ec2
Detection count: 54
File type: Dynamic link library
Mime Type: unknown/dll
Path: C:\MessengerPlus
Group: Malware file
Last Updated: December 1, 2010
%APPDATA%\Flipopia\flipopia.exe
File name: flipopia.exeSize: 1.06 MB (1064960 bytes)
MD5: f81e26306f6244f964038e08e51e809f
Detection count: 46
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Flipopia
Group: Malware file
Last Updated: December 1, 2010
%PROGRAMFILES%\Java\jre-07\bin\jusched.exe
File name: jusched.exeSize: 64 KB (64000 bytes)
MD5: f83c617b55a53db1fc9bd68c9c732192
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\Java\jre-07\bin
Group: Malware file
Last Updated: December 1, 2010
%USERPROFILE%\My Documents\My Downloads\admin.exe
File name: admin.exeSize: 194.04 KB (194048 bytes)
MD5: 01561b954bcf7a8d70e633591b988281
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\My Documents\My Downloads
Group: Malware file
Last Updated: December 1, 2010
%TEMP%orary Internet Files\Content.IE5\94W370CX\movie[1].exe
File name: movie[1].exeSize: 194.56 KB (194560 bytes)
MD5: ae6b3daea687270874389f971ebd18b2
Detection count: 28
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%orary Internet Files\Content.IE5\94W370CX
Group: Malware file
Last Updated: December 1, 2010
%APPDATA%\updates\updates.exe
File name: updates.exeSize: 114.68 KB (114688 bytes)
MD5: 58c5604ac47dd9e67a807bab521e490b
Detection count: 23
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\updates
Group: Malware file
Last Updated: December 1, 2010
%USERPROFILE%\Start Menu\Programs\Startup\chkntfs.exe
File name: chkntfs.exeSize: 91.13 KB (91136 bytes)
MD5: 6ea03b0a1296b6a02c7272b31a011d8e
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: December 1, 2010
%WINDIR%\system32\msvmiode.exe
File name: msvmiode.exeSize: 109.91 KB (109912 bytes)
MD5: 4aa952ad15927f9847c379e5459ead51
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: December 1, 2010
%LOCALAPPDATA%\Temp\regprov.dll
File name: regprov.dllSize: 469.5 KB (469504 bytes)
MD5: c183b8821e561334ee0d9088f78d060e
Detection count: 15
File type: Dynamic link library
Mime Type: unknown/dll
Path: %LOCALAPPDATA%\Temp
Group: Malware file
Last Updated: December 9, 2010
%WINDIR%\SysWow64\api-ms-win-core-misc-l1-1-032.dll
File name: api-ms-win-core-misc-l1-1-032.dllSize: 365.56 KB (365568 bytes)
MD5: 137f8e711c3869a1c065db1f599705b3
Detection count: 14
File type: Dynamic link library
Mime Type: unknown/dll
Path: %WINDIR%\SysWow64
Group: Malware file
Last Updated: December 1, 2010
%TEMP%\ajyWlxBiFK.exe
File name: ajyWlxBiFK.exeSize: 447.48 KB (447488 bytes)
MD5: 0f9c3aa84453b91cdec2c9152e10be3b
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%
Group: Malware file
Last Updated: December 9, 2010
%PROGRAMFILES%\quicktime\propertypanels\proppanelhelpers.resources\da.lproj\quicktimeresourcesquicktime.exe
File name: quicktimeresourcesquicktime.exeSize: 165.37 KB (165376 bytes)
MD5: 810f4c861c7bc9728e14fad39f18ad5d
Detection count: 11
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\quicktime\propertypanels\proppanelhelpers.resources\da.lproj
Group: Malware file
Last Updated: December 1, 2010
C:\systeam\sysi.cpl
File name: sysi.cplSize: 964.09 KB (964096 bytes)
MD5: 4e8b68f22e1f0a0f3201465e5764e8d0
Detection count: 7
Mime Type: unknown/cpl
Path: C:\systeam
Group: Malware file
Last Updated: December 1, 2010
%COMMONPROGRAMFILES%\microsoft shared\ink\windowswindows2.7.2600.2180.exe
File name: windowswindows2.7.2600.2180.exeSize: 166.4 KB (166400 bytes)
MD5: 60db36352c5cd2c0bd18062f996db3c7
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %COMMONPROGRAMFILES%\microsoft shared\ink
Group: Malware file
Last Updated: December 1, 2010
%APPDATA%\bbizd.exe
File name: bbizd.exeSize: 106.49 KB (106496 bytes)
MD5: 88dc8cd3aa31adb39587ea09692f07df
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: December 1, 2010
%APPDATA%\fbx.exe
File name: fbx.exeSize: 57.34 KB (57344 bytes)
MD5: 97c2dd327917f8df38d005b2b968a3db
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: December 1, 2010
C:\Documents and Settings\<username>\Application data\Aicrosoft\stor.cfg
File name: C:\Documents and Settings\<username>\Application data\Aicrosoft\stor.cfgMime Type: unknown/cfg
Group: Malware file
C:\Documents and Settings\<username>\Application data\Microsoft\Windows\shell.exe
File name: C:\Documents and Settings\<username>\Application data\Microsoft\Windows\shell.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
C:\Documents and Settings\<username>\local settings\temp\dwm.exe
File name: C:\Documents and Settings\<username>\local settings\temp\dwm.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
More files
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.