BKDR_KULUOZ.PFG
February 01, 2013
ALIASES:
a variant of Win32/Kryptik.ABNX trojan (Eset), W32/Kuluoz.APB!tr.dldr (Fortinet)
PLATFORM:
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
INFORMATION EXPOSURE:

Threat Type: Backdoor
Destructiveness: No
Encrypted: Yes
In the wild: Yes
OVERVIEW
Infection Channel:
Downloaded from the Internet, Dropped by other malware
This malware disguises itself as delivery receipts from well-known postal and delivery service firms and airlines.
To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram shown below.

For the related story, you may read the blog post