This component is part of RedKod Trojan
Component Name: kernel32.exe
Description of : RedKod is a backdoor Trojan that gives an attacker full administrative access to an infected system. It installs an executable file that the attacker can choose to name differently. This makes it difficult to locate and remove manually, as the file can be given a legitimate name such as system.exe or kernel.exe. Once installed, an attacker can access, modify, and transfer files from the infected system to a predetermined location. It can also monitor system information, change computer configuration, and run processes. RedKod listens on port 58666 for the attacker’s commands and patches Netstat to hide its network connections.
Recommendation for :
It is strongly recommended that you remove this program from your computer.
Trusted: No
Trojan: Yes
Chronic: No
Adware: No
Carrier: No
Browser Hijacker: No
Dialer: No
Commercial Keylogger: No
Remote Administration Tool: No
Suspected: No
Company Name: N/A
Platforms Affected:
Methods of Distribution: This trojan is transmitted via stealth installation through unsecured channels such as malicious websites, email, and chat systems.
Variants/Versions:
Release Date: 2004