DoublePulsar is a backdoor implant tool developed by the U.S. National Security Agency's (NSA) Equation Group that was leaked by The Shadow Brokers in early 2017.
Backdoor.Doublepulsar is a Trojan horse that opens a back door on the compromised computer.
TECHNICAL DETAILS
The tool was able to infect more than 200,000 Microsoft Windows computers in only a few weeks,and was used alongside EternalBlue in the May 2017 WannaCry ransomware attack.
When the Trojan is executed, it creates the following file:
Doublepulsar-1.3.1.exe
The Trojan may connect to preconfigured IP addresses and ports.
The Trojan communicates with the attacker using one or more of the following protocols:
- RDP
- SMB
Solution
You may have arrived at this page either because you have been alerted by your Symantec product about this risk, or you are concerned that your computer has been affected by this risk.
Before proceeding further we recommend that you run a full system scan. If that does not resolve the problem you can try one of the options available below.
Removal Tool
- Run Norton Power Eraser (NPE)