The NDIS-level backdoor used by VirTool:WinNT/Exforel.A is much more low-level and stealthy than that used by traditional backdoors – there is no connecting/listening port so it is more difficult to notice. The backdoor traffic is completely invisible to user-mode applications.
Functionalities:
- Uploading files
- Downloading files
- Executing files
- Routing TCP/IP packets
This sample appears to be used for a specific attack targeting a certain organization.
I have been using AVG Anti-virus for a number of years now, I'd recommend this product to all of you.
ReplyDelete