OSX/Lamadai [Threat Name] go to Threat
OSX/Lamadai.A [Threat Variant Name]
|Detection created||Mar 26, 2012|
|Signature database version||7001|
The trojan serves as a backdoor. It can be controlled remotely.
When executed, the trojan copies itself into the following location:
The OSX/Lamadai.A creates the following file:
This causes the trojan to be executed on every application start.
The trojan acquires data and commands from a remote computer or the Internet.
The trojan connects to the following address:
It tries to connect to remote machine to port:
The trojan may execute the following commands:
- execute shell commands
- download files from a remote computer and/or the Internet
- send files to a remote computer