Win32/Turla [Threat Name] go to Threat

Win32/Turla.Q [Threat Variant Name]

Category trojan
Size 803328 B
Detection created Aug 16, 2013
Detection database version 8695
Short description

The trojan serves as a backdoor. It can be controlled remotely. The trojan can be used to gain full access to the compromised computer.

Installation

The trojan is usually a part of other malware.


The trojan may create copies of the following files (source, destination):

  • %system%\­cmd.exe, %temp%\­svchost.exe

The trojan may create the following files:

  • %currentfolder%\­msrecda.dat
Other information

The trojan serves as a backdoor. It can be controlled remotely.


The malware configuration is passed as command line parameters when the malware executable is launched.


It tries to connect to remote machines to ports:

  • 443
  • 8080

The SSL protocol is used.


It may perform the following actions:

  • execute shell commands

Please enable Javascript to ensure correct displaying of this content and refresh this page.