OSX/FruitFly [Threat Name] go to Threat
OSX/FruitFly.A [Threat Variant Name]
Category | trojan |
Size | 47952 B |
Detection created | Jan 19, 2017 |
Detection database version | 14796 |
Aliases | OSX/Bckdr-RUA (Sophos) |
Short description
The trojan serves as a backdoor. It can be controlled remotely.
Installation
The trojan does not create any copies of itself.
Information stealing
OSX/FruitFly.A is a trojan that steals sensitive information.
The trojan collects the following information:
- webcam video/voice
- user name
The trojan attempts to send gathered information to a remote machine.
Other information
The trojan acquires data and commands from a remote computer or the Internet.
The trojan contains a list of (1) URLs. The TCP protocol is used in the communication.
The trojan opens some TCP ports:
- 2024
It can execute the following operations:
- capture webcam video/voice
- send files to a remote computer
- send gathered information