
Backdoor:Java/Adwind

Classification

Category: Malware

Type: Backdoor

Platform: Java

Aliases: Backdoor:Java/Adwind.A, Backdoor:Java/Adwind.B

Summary


Backdoor:Java/Adwind is a Java archive (.JAR) file that drops a malicious component onto the machine and runs as a backdoor. When active, it is capable of stealing user information and may also be used to distribute other malware.

Removal


Automatic action

Based on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the detected program or file, or ask you for a desired action.

Technical Details


Backdoor:Java/Adwind is typically spread as an executable file attached to spam email messages. When the file attachment is launched, the archive file drops malicious components onto the system, then continues to run in the background. On a Windows machine, the components are dropped to the %AppData% folder.

When running in the background, the Adwind archive file serves as a backdoor, able to install other programs, steal user information, log keystrokes, capture screenshots and update its own configuration. Information captured by the backdoor is silently forwarded to a remote server.
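
A triage sketch for the drop location named above, added here as an example and not part of the original description: it lists Java archives under a directory by content rather than by file extension, with each archive's `Main-Class`. The function names and the default to the `APPDATA` environment variable are this example's own choices, and a file it lists is only a candidate for review, since legitimate software also keeps JAR files there.

```python
import os
import zipfile
from pathlib import Path

MANIFEST = "META-INF/MANIFEST.MF"

def manifest_main_class(zf):
    """Return the Main-Class attribute of a JAR manifest, or None."""
    try:
        text = zf.read(MANIFEST).decode("utf-8", errors="replace")
    except KeyError:
        return None
    # Manifest continuation lines start with a single space; unfold them first.
    text = text.replace("\r\n", "\n").replace("\n ", "")
    for line in text.split("\n"):
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "main-class":
            return value.strip()
    return None

def find_jars(root):
    """Return sorted (path, main_class, has_jar_extension) tuples for archives under root.

    Files are identified by content (a ZIP holding a manifest), so an archive
    that was renamed to another extension is still reported.
    """
    results = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = Path(dirpath) / fname
            try:
                if not zipfile.is_zipfile(str(path)):
                    continue
                with zipfile.ZipFile(str(path)) as zf:
                    if MANIFEST not in zf.namelist():
                        continue  # a ZIP, but not a Java archive
                    results.append((str(path), manifest_main_class(zf),
                                    path.suffix.lower() == ".jar"))
            except (OSError, zipfile.BadZipFile):
                continue  # unreadable or corrupt file: skip it
    return sorted(results)

if __name__ == "__main__":
    # Assumption: scan %AppData% on Windows, the home directory elsewhere.
    root = os.environ.get("APPDATA") or str(Path.home())
    for path, main_class, named_jar in find_jars(root):
        note = "" if named_jar else "  [no .jar extension]"
        print(f"{path}  Main-Class={main_class}{note}")
```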
