PHP/Agent.NGD [Threat Name] go to Threat

PHP/Agent.NGD [Threat Variant Name]

Category trojan
Size 4821 B
Aliases (Kaspersky)
  Troj/PHPDoor-X (Sophos)
  Php.Trojan.Agent.Wrqf (Tencent)
Short description

The trojan serves as a backdoor. It can be controlled remotely.


The trojan does not create any copies of itself.

The trojan is usually found in the following folder:

  • %webserverdocumentsrootfolder%
Information stealing

The trojan collects the following information:

  • PHP version
Payload information

The trojan acquires data and commands from a remote computer or the Internet.

The HTTP protocol is used.

It may perform the following actions:

  • send gathered information
  • execute PHP code

Please enable Javascript to ensure correct displaying of this content and refresh this page.