Troj/Nuclear-BE is a backdoor Trojan for the Windows platform that provides an unauthorized remote access to the infected computer.

When first run Troj/Nuclear-BE copies itself to \NR\example.exe

Troj/Nuclear-BE attempts to drop a file that is also detected as Troj/Nuclear-BE. The dropped file has the capability to take system snapshots, log keyboard and can give access to a remote server.

Registry entries are created under:


More information can be found at this Sophos page.