PHP/Agent.NGD [Threat Name] go to Threat

PHP/Agent.NGD [Threat Variant Name]

Category trojan
Size 4821 B
Detection created Mar 03, 2017
Detection database version 15031
Aliases Trojan.PHP.Agent.ru (Kaspersky)
  Troj/PHPDoor-X (Sophos)
  Php.Trojan.Agent.Wrqf (Tencent)
Short description

The trojan serves as a backdoor. It can be controlled remotely.

Installation

The trojan does not create any copies of itself.


The trojan is usually found in the following folder:

  • %webserverdocumentsrootfolder%
Information stealing

The trojan collects the following information:

  • PHP version
Payload information

The trojan acquires data and commands from a remote computer or the Internet.


The HTTP protocol is used.


It may perform the following actions:

  • send gathered information
  • execute PHP code

Please enable Javascript to ensure correct displaying of this content and refresh this page.