Threat Explorer

The Threat Explorer is a comprehensive resource consumers can turn to for daily, accurate, up-to-date information on the latest threats, risks and vulnerabilities.

Hacktool.Brutex

Hacktool.Brutex

Updated:
13 February 2007
Risk Impact:
High
File Names:
run32.bat
Systems Affected:
Linux, Windows

Behavior


Hacktool.Brutex attempts to authenticate itself to a remote computer. If it can, it may copy files on it, and then execute them.

Antivirus Protection Dates

  • Initial Rapid Release version 02 October 2014 revision 022
  • Latest Rapid Release version 02 October 2014 revision 022
  • Initial Daily Certified version 07 April 2004
  • Latest Daily Certified version 28 September 2010 revision 036
  • Initial Weekly Certified release date 07 April 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

When Hacktool.Brutex is executed, it does the following:
  1. Attempts to authenticate to a remote file share by using a list of user names and passwords.

  2. Copies files to the remote share.

  3. Remotely executes the copied files.



The following instructions pertain to all Symantec antivirus products that support Security Risk detection.
  1. Update the definitions.
  2. Run a full system scan and delete all the files detected as Hacktool.Brutex.
For specific details on each of these steps, read the following instructions.

1. To update the definitions
To obtain the most recent definitions, start your Symantec program and run LiveUpdate.

2. To scan for and delete the files
  1. Start your Symantec antivirus program, and then run a full system scan.
  2. If any files are detected as Hacktool.Brutex, click Delete.


    Note: If your Symantec antivirus product reports that it cannot delete a detected file, write down the path and file name. Then use Windows Explorer to locate and delete the file.