The program BB is used for hidden penetration into PC and its remote administration.
UnHackMe is recommended as a reliable program for solving the problem with BB.
Download for free: http://www.unhackme.com
Malware Analysis of BB
Full path on a computer: %SysDir%\bb
Detected by UnHackMe:
Item Name: bb
Author: Unknown
Related File: %SYSDIR%\BB
Type: Running Processes
Removal Results: Success
Number of reboot: 1
BB is known as:
Backdoor.Hupigon, PWS.Hupigon.AAA.8, Backdoor.Hupigon.faqw, Trojan.Hupigon.jdxq, W32.HupigonP.EJ, Backdoor.Graybird, Win32.Pigeon.AWLT, BKDR_HUPIGON.DCM, Trojan.Hupigon-9089, Backdoor.Hupigon.gptq, Backdoor.Hupigon.9SFzzkAki6Y, Backdoor.A.Hupigon.659456.AA, Backdoor.Hupigon.~AWO, Trojan.DownLoader7.28645, Backdoor.Hupigon.ayau (v), Backdoor.Huigezi.2007.ben, Troj.HuigeziT.zz.656896, PWS.Hupigon.AAA, Win-Trojan.Hupigon.659456.B, Backdoor.Hupigon, a variant of Win32.Hupigon, Trojan.Undef.suc, W32.Hupigon.EMB.tr.bdr, BackDoor.Hupigon5.AQSQ, Bck.Hupigon.AZG
BB hash:
- MD5: e8075aac70dfe6c68bb9d4c945d0091e
Registry:- HKLM\Software\Classes\CLSID\{C97BF5E6-895E-41EA-AE58-62C9A72B5292}\InprocServer32\: “%SysDir%\PassDLL.DLL”
- HKLM\Software\Classes\CLSID\{E0BEF572-4140-4C03-AF3A-F0887719B374}\InprocServer32\: “%SysDir%\PassDLL.DLL”
- HKLM\System\CurrentControlSet\Services\bb\ImagePath: “%SysDir%\bb”
- HKLM\System\CurrentControlSet\Services\bb\DisplayName: “bb”
Folders:- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\AntiPhishing
- C:\Documents and Settings\LocalService\Favorites
Files:- %Temp%\x1027.exe
- %Temp%\~DF782B.tmp
- %Temp%\?