This backdoor may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.
It registers itself as a system service to ensure its automatic execution at every system startup. It does this by creating registry keys/entries.
It can hide files and processes by modifying the functions assigned in a certain Windows file that handles basic Windows functions. Incorrect modification of this file may cause affected systems to crash.
Using a random port, this backdoor allows a remote malicious user to connect to the affected system. Once a connection is established, it allows the remote user to execute commands on the system, thus compromising system security.
It drops component files.