How can I find out what transmits the virus to the server and how can I cut it out of the exe?

V

Volk_J2015-11-08 20:39:12

Programming

Volk_J, 2015-11-08 20:39:12

Good afternoon.
A friend of mine sent me one exe the other day. Kaspersky showed that this is heur:trojan.win32.generic. But that's nothing, as it turned out later, when the file was launched, the Backdoor.win32.darkkomet.xyk virus was downloaded without knowledge
. How can I find out what kind of virus it is and what it transmits and where it transmits data to.
How can I find it in the source code of the file and remove the download of the Backdoor virus and other suspicious elements.
Recommend programs that monitor all Internet traffic on a computer in order to know what, who and where transfers PC data.
Thanks in advance.
PS. I managed to talk a little with the author of the exe. It claims there is nothing there, just data collection: IP and username.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

N

nirvimel, 2015-11-08
@nirvimel

How can I find it in the source code of the file and remove the download of the Backdoor virus and other suspicious elements.

exe file is a compiled program, there is no source code inside.
To remove trojan.win32.generic, you just need to delete its exe file.

A

Artem, 2015-11-08
@ulkoart

wireshark look where to break.