Name: Jeem Trojan Category: Backdoor Alias: Backdoor.Jeemp, BKDR_JEEM, Troj/Bdoor-AML Advice: Remove Risk: Severe Risk Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine. Description: Jeem Trojan is a trojan horse that allows an attacker to control your computer from a remote location. Jeem Trojan is also carrying a SMTP engine, which allow the attacker to send emails from the infected machine. The Trojan opens three TCP ports to allow the hacker to remotely control the infected computer. One TCP port is used for SMTP service; this allows the hacker to send email through the compromised system. It may be downloaded and executed when Downloader.BO runs. It is written in the Microsoft C++ programming language and is compressed with UPX. Signatures: process: msrexe.exe: MD5 Hash: 6cf4ff512e9497c966c... process: msrexe.exe: MD5 Hash: ... process: msrexe.exe: MD5 Hash: b5453658945100160e8.. Type: Backdoor - A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy.