OSX/Imuler [Threat Name]
OSX/Imuler.A [Threat Variant Name]
Signature database version: 6489 (Sep 23, 2011)
The trojan serves as a backdoor. It can be controlled remotely. The trojan is usually a part of other malware.
When executed, the trojan creates the following folder:
OSX/Imuler.A copies itself there using the following name:
In order to be executed on every system start, the trojan creates the following file:
The trojan creates the following files:
The trojan acquires data and commands from a remote computer or the Internet.
The trojan contains a list of URLs (1 entry). The HTTP protocol is used.
It can execute the following operations:
- capture screenshots
- send files to a remote computer
- send various information about the infected computer
- download files from a remote computer and/or the Internet
- run executable files
- extract ZIP archives