Mdm.exe [solved]

miekiemoes
edited June 2008 in Sample submission

Hi,


Gathered mdm.exe from a terribly infected machine. It looks/appears like an SDBot variant - undetected by Bitdefender.


This file was present in the %WinDir%\AppPatch folder. PeLocked (unpack this nu die. got it?) - Typical for these variants


Runs as the service "Machine_Dbg-Mgr", displayname "Machine Debug Manager" (sneaky).


Edit - Duh! Forgot to attach.


mdm.zip

Comments

  • Signed as Backdoor.SdBot.AAD, will be detected after the next update. Thank you for the signature.


    Best regards.