Hupigon

Hupigon (also Graftor) detected as (Backdoor.Win32.Hupigon, Trojan.Win32.Hupigon, Backdoor.Win32.Graftor, and Trojan.Win32.Graftor) is a backdoor Trojan. Its first known detection goes back to November 2008, according to Securelist from Kaspersky Labs.^[1]

Hupigon
Type	Backdoor
Authors	Red Apollo
Technical details
Platform	Windows, Linux, iOS, Android

This malicious software, which usually should be a portable executable (and may be packed with UPX), is mostly used in order to connect a (worldwide) group of victimized PCs and form a botnet (also known as a zombie network). The software is able to spread through networks in order to infect other computers as computer worms do (see Conficker). The difference is that such backdoors do not spread automatically (as worms do), but are started through a command and control-center who is supervising them.

In the Hupigon family, there are a large number of variants. They are written in Borland Delphi.

Other aliases

• Trojan.Win32.Boht (Kaspersky Labs and Fortinet)
• Backdoor:Win32/Bezigate (Microsoft)
• Backdoor.Win32.Graftor (Bitdefender)^[2]

External links

• Analysis of a file - VirusTotal
• Analysis of a file - Threat Expert