Pushdo Trojan domain – fybucjawuch.kz

The domain fybucjawuch.kz has been listed on Cyberwarzone because fidelissecurity.com has identified it as a malicious domain. In this case, we are dealing with a Pushdo Trojan domain, which cybercriminals use to install the Trojan on the devices of unaware users or as a gateway for the Trojan to exchange information with the C&C server.

The Pushdo Trojan is classified as a “downloader” Trojan, meaning that its true purpose is to download and install additional malicious files on the infected device.

Fun fact: if you visit one of the Pushdo C&C servers with the wrong URL, it sends back a random message like “Looking for Blackjack?”. The cybercriminals have implemented this to “trick” people into believing that they are visiting a website instead of the Pushdo C&C server.







Aliases for the Pushdo Trojan:

  • Trj/Downloader.SIA
  • Backdoor.Win32.Agent.ehg
  • W32/Smalltroj.CQWT
  • Troj/Agent-GNA

Please use the following resources to get a better understanding of the Pushdo Trojan: