PHP/Agent.NGD [Threat Name] go to Threat
PHP/Agent.NGD [Threat Variant Name]
Category | trojan |
Size | 4821 B |
Aliases | Trojan.PHP.Agent.ru (Kaspersky) |
Troj/PHPDoor-X (Sophos) | |
Php.Trojan.Agent.Wrqf (Tencent) |
Short description
The trojan serves as a backdoor. It can be controlled remotely.
Installation
The trojan does not create any copies of itself.
The trojan is usually found in the following folder:
- %webserverdocumentsrootfolder%
Information stealing
The trojan collects the following information:
- PHP version
Payload information
The trojan acquires data and commands from a remote computer or the Internet.
The HTTP protocol is used.
It may perform the following actions:
- send gathered information
- execute PHP code