Search
Keyword: irc generic
list Apply associated Trend Micro DPI Rules. 1000552| 1000552 - Generic Cross Site Scripting(XSS) Prevention
IRC channel to listen for remote commands from a malicious user.
Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED}.182.255 {BLOCKED}.{BLOCKED}.182.1 {BLOCKED}.{BLOCKED}.74.10 {BLOCKED}.{BLOCKED}.175.201 {BLOCKED}.{BLOCKED
Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED}.182.255 {BLOCKED}.{BLOCKED}.182.1 {BLOCKED}.{BLOCKED}.74.10 {BLOCKED}.{BLOCKED}.175.201 {BLOCKED}.{BLOCKED
contains the following once decrypted: Configuration file version FTP hosts (upload sites) Infection logs IRC data (port, nick, password) P2P node Reference to the components and their corresponding random
of the following routes: Via IRC Via instant messengers Via removable drives Its main objective is to execute commands on an infected computer by way of connecting to a specific IRC server and channel.
irc.{BLOCKED}.net It joins any of the following IRC channel(s): #DL34k3rBn3t #secAssgdf It executes the following commands from a remote malicious user: attack - perform Denial of Service (DOS) attack to
Backdoor does the following: perform DDOS flooding and using XMAS packets. Uses the IRC nickname with the following format: [NU|LNX|{composed of either F,T,H or U}]{random digit} Register itself in
character for its USER. Once connected to the IRC server, it joins a certain channel to receive and execute commands on the affected system. This file infector arrives on a system as a file dropped by other
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Backdoor Routine This Backdoor connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED
P2P node IRC data (port, nick, password) FTP hosts (upload sites) configuration file version infection logs
several IRC commands. NetTool.Unix.Mech (Ikarus), NetTool.Unix.Mech.e (Kaspersky)
{BLOCKED}x.com/shock/cgi Backdoor Routine This backdoor connects to any of the following IRC server(s): irc.{BLOCKED}k.tk:6667 {BLOCKED}.{BLOCKED}.50.237:6969 It joins any of the following IRC channel(s):
Backdoor Routine This Backdoor joins any of the following IRC channel(s): #{BLOCKED}t It executes the following commands from a remote malicious user: execute shell command send arbitrary irc command to
following Internet Relay Chat (IRC) channels: #muh{BLOCKED} It executes the following commands from a remote malicious user: SH - execute shell command IRC - send arbitrary irc command to server HELP - send
contain the following strings in their names: OTSP WC32 WCUN WINC Backdoor Routine This file infector connects to any of the following IRC server(s): {BLOCKED}o.brenz.pl {BLOCKED}t.trenz.pl NOTES: This file
}.30.11 It does the following: Connect to IRC server. Download files. Receive commands from remote user. Backdoor.Perl.Shellbot.B (BITDEFENDER)
http://2{BLOCKED}.223/ji http://7{BLOCKED}.69/ec.z This malware arrives via the following means: CVE-2014-6271 Backdoor Routine This Backdoor connects to any of the following IRC server(s): {BLOCKED}d.
via the following means: It may be hosted on an IRC server Other Details This Trojan requires its main component to successfully perform its intended routine.
using Perl Script. It connects to a remote IRC server to listen and wait for commands coming from a malicious user. Once successfully connected, it can perform a number of routines including: