Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:BDS/ZAccess.L
Date discovered:27/02/2012
Type:Backdoor Server
In the wild:No
Reported Infections:Medium
Distribution Potential:Medium to high
Damage Potential:Low
Static file:Yes
File size:17408 Bytes
MD5 checksum:b7208d655cf43168c57669335e85fbf0
VDF version:7.11.24.18 - Monday, February 27, 2012
IVDF version:7.11.24.18 - Monday, February 27, 2012

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Kaspersky: HEUR:Backdoor.Win64.Generic
     Microsoft: Trojan:Win64/Sirefef.N
   •  Grisoft: Generic27.VJH
     GData: Win32:Malware-gen


Platforms / OS:
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7


Side effects:
    Can be used to execute malicious code

 Miscellaneous Event handler:
It creates the following Event handlers:
   • ZwWaitHighEventPair
   • ZwCreateEventPair
   • ZwSetLowEventPair
   • ZwDelayExecution
   • ZwOpenFile


String:
Furthermore it contains the following strings:
   • GET /geo/txt/**********.php
   • HTTP/1.0
   • promos.**********.com

Description inserted by Wensin Lee on Wednesday, February 29, 2012
Description updated by Wensin Lee on Wednesday, February 29, 2012

Back . . . .