Know Your Malware: Samsa Removal


Samsa is a backdoor that provides the attacker with unauthorized remote access to the compromised computer. The intruder can download and upload arbitrary files, execute system commands and manage the file system. Samsa can also contact predefined web servers. The backdoor is able to run every time the user launches a program or opens a text file.

Related files: intranet.exe, pramery.exe

Samsa properties:
Allows remote user connection
Connects itself to the internet
Hides from the user
Stays resident in background Remove Samsa, removal instructions

Linked by shanmuga Sunday, 22nd January 2006 6:36AM