Win32.Hupigon Trojan Virus Description
Hupigon belongs to a family of Backdoor Trojans. It will allow the remote user to access the infected computer. The backdoor file is PE executable and it is rare if the variant is below 299kB. The kit that is used to make this type of malware has some default settings in order to pack the codes just like UPX. The unpacked size of the code is 710kB. This is written using Borland Delphi.
Hupigon Malware Installation
This programs gets copied itself to the computer system directory as notepad.exe and winreg.exe and then it will register the same file in the directory of the system and ensures the file is executed each time the system reboots. It changes the launch parameters for the text files and executable files so that at the same time the Trojan fill will be launched automatically.
How Win32.Hupigon Trojan Virus Works
When Backdoor’s file starts, it will copy itself as one of the files named similar to that of ‘Hacker.com.cn.exe’ in Windows system folder and then it will start to create some startup key values in the registry. Hupigon variants have many types of different features. Hupigon clones itself typically to some of the installation paths such as system32 and will use some processes in order to make itself look like a valid Window program
Hupigon Trojan Virus Malware Payload
The program opens up several random TCP ports including the UDP port 8310 in order to take the commands and then the remote user can use the program so that he can conduct the file operation, log keystrokes, format the disk etc.
W32.Hupigon Malware Basic Removal Steps
Win32.Hupigon should be removed using an anti-virus program if you are not savvy with registry modifications and computer security. Click here for automatic removal instructions for removing the W32.Hupigon Trojan Virus.
No related posts.
Related posts brought to you by Yet Another Related Posts Plugin.
