Search
Keyword: irc_gleep.a
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
to a certain IRC server using a certain port and joins a channel where it receives commands from a malicious user. It sends the following information to its C&C server: ext_ip dnsname hostname user
from a remote malicious user: Block DNS Create processes Download other files Insert iframe tags into HTML files Join an IRC channel Log in to FTP sites Perfrom Slowloris, UDP, and SYN flooding Run
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
IRC server using a certain port and joins a channel where it receives commands from a malicious user. It sends the following information to its C&C server: ext_ip dnsname hostname user domain is_admin
execution. NOTES: This backdoor is capable of connecting to a certain IRC server using a certain port and joins a channel where it receives commands from a malicious user. It sends the following information to
threatexpert threatfire trendmicro truste.com update.microsoft. virus webroot. wilderssecurity windowsupdate It deletes itself after execution. NOTES: This backdoor is capable of connecting to a certain IRC
found a new threat that may imperil Facebook users. How does the malware arrive on users' systems? The malicious file (aka FacebookMessengerSetup.exe ), detected as BKDR_QUEJOB.EVL , arrives via spammed
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
Routine This worm executes the following commands from a remote malicious user: Connect to a website Connect to an IRC channel to send receive commands Copy ,Download, Execute and Delete files Download
the following IRC server(s): ms4all.twoplayers.net It opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes
spyware sunbelt symantec threatexpert threatfire trendmicro virus wilderssecurity windowsupdate update.microsoft. download.microsoft. NOTES: This backdoor is capable of connecting to a certain IRC server
connecting affected removable drives to a system. It arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
the following IRC channel(s): ##8## It opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the
a remote malicious user: Update itself Join/Leave an IRC channel Download other files Perfrom Slowloris, UDP, and SYN flooding Create processes It connects to the following URL(s) to send and receive
This worm arrives by connecting affected removable drives to a system. It arrives via peer-to-peer (P2P) shares. It arrives on a system as a file dropped by other malware or as a file downloaded
after execution. NOTES: This backdoor connects to a certain IRC server using a specific port and joins a channel where it receives commands from a malicious user. It sends the following information to its
NOTES: This backdoor is capable of connecting to a certain IRC server using a certain port and joins a channel where it receives commands from a malicious user. It sends the following information to its
update.microsoft. download.microsoft. NOTES: This backdoor is capable of connecting to a certain IRC server using a certain port and joins a channel where it receives commands from a malicious user. It sends the
trendmicro truste.com update.microsoft. virus webroot. wilderssecurity windowsupdate NOTES: This backdoor is capable of connecting to a certain IRC server using a certain port and joins a channel where it