Discovered: July 11, 2003
Updated: February 13, 2007 12:03:44 PM
Also Known As: Proxy-Migmaf [McAfee], Troj/Migmaf-A [Sophos], TROJ_MIGMAF.A [Trend], Win32.Migmaf.A [CA]
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Backdoor.Migmaf is a reverse proxy Trojan Horse that redirects HTTP requests to a master Web server. This enables the creator of the Trojan to hide the real IP address of the Web server, which typically contains pornographic material.
Backdoor.Migmaf is written in Microsoft Visual C++ and is packed with tElock v0.98.
There have been reports that Backdoor.Migmaf is distributed with the W32.Sobig.E@mm worm; this has not been confirmed.
Protection
- Initial Rapid Release version July 14, 2003
- Latest Rapid Release version August 20, 2008 revision 017
- Initial Daily Certified version July 14, 2003 revision 002
- Latest Daily Certified version August 20, 2008 revision 016
- Initial Weekly Certified release date July 16, 2003
Threat Assessment
Wild
- Wild Level: Low
- Number of Infections: 0 - 49
- Number of Sites: 0 - 2
- Geographical Distribution: Low
- Threat Containment: Easy
- Removal: Moderate
Damage
Distribution
Writeup By: Scott Gettis