Know Your Malware: Masot Removal

Masot is a backdoor, which provides the attacker with unauthorized remote access to the compromised computer. The intruder can take screenshots of user activity, terminate running processes, download arbitrary files and thus steal user sensitive information. Masot can disable the Windows Firewall. The backdoor runs a hidden web server and can be controlled through the web interface.

The attacker can reconfigure the parasite. Certain Masot variants may display fake error messages and use varied ports. The backdoor automatically runs on every Windows startup.

Related files: explorer64.exe

Masot properties:
Allows remote user connection
Takes and sends out screenshots of user activity
Hides from the user
Stays resident in background Remove Masot, removal instructions

Linked by shanmuga Wednesday, 11th January 2006 12:40AM