Search
Keyword: irc generic
\CurrentVersion\MCD Use Generic Stencil = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\MCD Enumerate as ICD = "0" Other Details This Trojan connects to the following possibly malicious URL:
\ProgramData on Windows Vista, 7, 8, 8.1, 2008(64-bit), 2012(64-bit) and 10(64-bit). ) This report is generated via an automated analysis system. Trojan:Win32/Tiggre!rfn (Microsoft); Generic Trojan.ji (McAfee);
basically uses stolen email threads from previously
infected victims to make their spam emails appear legitimate. However, the spam messages are generic messages that have nothing to do with the email thread.
executes the following commands from a remote malicious user: Block DNS Create processes Download other files Insert iFrame tags into HTML files Join an IRC channel Log in to FTP sites Perform Slowloris,
from a remote malicious user: Block DNS Create processes Download other files Insert iframe tags into HTML files Join an IRC channel Log in to FTP sites Perfrom Slowloris, UDP, and SYN flooding Run
following backdoor capabilities: Block DNS Create processes Download other files Insert iframe tags into HTML files Join an IRC channel Log in to FTP sites Perfrom Slowloris, UDP, and SYN flooding Run Reverse
and their corresponding random filenames in the system IRC data FTP hosts (upload sites) Infection log It accepts the following parameters: /i - drop the dll and config file to current directory /s -
}arke.com juice.{BLOCKED}racala.org {BLOCKED}.190.237 W32.Pilleuz!gen15 (Symantec); Trojan:Win32/Rimecud.A (Microsoft); Trojan.Win32.Pincav.atfx (Kaspersky); Generic Dropper.yb (Mcafee); Mal/Palevo-A (Sophos)
gmail-smtp-in.l.google.com in1.smtp.messagingengine.com mail7.digitalwaves.co.nz mxs.mail.ru Trojan.Gen.2 (Symantec); Trojan:Win32/Orsam!rts (Microsoft); Trojan.Win32.Scar.fcfu (Kaspersky); Generic BackDoor.un (Mcafee) Steals
Trojan:Win32/Agent.OO (Microsoft), Worm.Win32.AutoRun.ecj (Kaspersky), W32.Whybo.Z (Symantec), Generic Malware.ja (NAI), Mal/Packer (Sophos), BehavesLike.Win32.Malware.eah (mx-v) (Sunbelt), WORM/Rbot.Gen (Antivir),
Propagation This worm drops copies of itself in all removable drives. Trojan.Gen (Symantec); Trojan:Win32/Alureon.CT (Microsoft); Trojan-Dropper.Win32.TDSS.efj (Kaspersky); Generic Dropper.uc (Mcafee)
Backdoor:Win32/Simbot.gen (Microsoft); Backdoor.Win32.Agent.bwtk (Kaspersky); Generic BackDoor!dtr (Mcafee); Mal/Simbot-A (Sophos)
}m.info/key.bin This report is generated via an automated analysis system. Generic BackDoor.vo (McAfee); Backdoor.Trojan (Symantec); Backdoor.Win32.Shiz.aiou (Kaspersky); Trojan.Win32.Generic!SB.0 (Sunbelt);
\Local Settings\Temp on Windows 2000, XP, and Server 2003.) This report is generated via an automated analysis system. VirTool:Win32/Vtub.Y (Microsoft); Generic Dropper!hv.f (McAfee); Downloader (Symantec
TrojanDropper:Win32/Cleaman.B (Microsoft); Generic Downloader.kn (McAfee); Trojan.Gen (Symantec); Trojan.Win32.Generic.pak!cobra (Sunbelt); Gen:Variant.Boigy.1 (FSecure)
Trojan:Win32/Cleaman.G (Microsoft); Generic Downloader.mw (McAfee); Packed.Generic.362 (Symantec); Packed.Win32.Krap.iu (Kaspersky); Trojan-Spy.Win32.Zbot.dptt (v) (Sunbelt)
characters} It deletes itself after execution. This report is generated via an automated analysis system. Trojan:Win32/Cryptrun.B (Microsoft); Generic Dropper!1gm (McAfee); Trojan.Gen (Symantec);
PWS:Win32/OnLineGames.JU, PWS:Win32/OnLineGames. (Microsoft); Generic Malware.co (McAfee); Packed.Generic.114 (Symantec); Trojan-GameThief.Win32.OnLineGames.bnxh (Kaspersky); Trojan.Win32.Generic!BT (Sunbelt)
automated analysis system. TrojanDownloader:Win32/Agent.TK (Microsoft); Generic StartPage!yx (McAfee); Trojan.ADH (Symantec); ARC:NSIS, [data0001]:Trojan-Clicker.Win32.NSIS.bc (Kaspersky);
Trojan:Win32/Cleaman.G (Microsoft); Generic FakeAlert.gr (McAfee); Trojan.Ransomlock (Symantec); Trojan-Downloader.Win32.Dapato.anm (Kaspersky); Trojan.Win32.Cleaman.g (v) (Sunbelt); Trojan.Generic.7043025 (FSecure)