Backdoor:Java/Adwind

Threat description

Details

CATEGORYMalware
TYPEBackdoor
PLATFORMW32, W64, OSX, LINUX

Summary

Backdoor:Java/Adwind is a Java archive (.JAR) file that drops a malicious component onto the machines and runs as a backdoor. When active, it is capable of stealing user information and may also be used to distribute other malware.



Removal

Automatic action

Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action.

More scanning & removal options

More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Contact Support

F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

Technical Details

Backdoor:Java/Adwind is typically spread as an executable file attached to spam e-mail messages. When the file attachment is launched, the archive file drops malicious components onto the system , then continues to run in the background. On a Windows machine, the components are dropped to the %AppData% folder.

When running in the background, the Adwind archive file serves as a backdoor, able to install other programs, steal user information, log keystrokes, capture screenshots and update its own configuration. Information captured by the backdoor is silently forwarded to a remote server.

Submit a Sample

Suspect a file or URL was wrongly detected?
Send it to our Labs for further analysis

Submit a Sample

Scan & clean your PC

F-Secure Online Scanner will scan and clean your PC in just a few minutes for free

More Info