Search
Keyword: irc_gleep.a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It is injected into all running processes to remain
executes the following commands from a remote malicious user: Block DNS Create processes Download other files Insert iFrame tags into HTML files Join an IRC channel Log in to FTP sites Perform Slowloris,
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
connects to any of the following IRC server(s): http://{BLOCKED}trocked.servequake.com It executes the following commands from a remote malicious user: Download and execute files Get drive information such
other computers across a network: MS03-039 Buffer Overrun In RPCSS Service Backdoor Routine This worm listens on the following port(s): TCP port 4003 It connects to any of the following IRC server(s):
IRC server using a certain port and joins a channel where it receives commands from a malicious user. Terminates processes, Downloads files, Compromises system security
This worm may be downloaded by other malware/grayware/spyware from remote sites. It uses the Windows Task Scheduler to add a scheduled task that executes the copies it drops. It executes commands
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
to Hidden to trick the user into clicking the .LNK files. This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users
capabilities: This backdoor is capable of connecting to a certain IRC server using a certain port and joins a channel where it receives commands from a malicious user. It sends the following information to its
}n/cgi-bin/jl/jloader.pl http://{BLOCKED}cn/cgi-bin/jloader.pl Based on its code, it is capable of connecting to a certain IRC server using a certain port and joins a channel where it receives commands from a malicious
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
siteadvisor.com avgthreatlabs.com safeweb.norton.com This backdoor connects to a certain IRC server using a specific port and joins a channel where it receives commands from a malicious user. It sends the following
This worm may be downloaded by other malware/grayware/spyware from remote sites. It uses the Windows Task Scheduler to add a scheduled task that executes the copies it drops. It executes commands
Routine This worm joins any of the following IRC channel(s): #rxbot_paradise It executes the following command(s) from a remote malicious user: Create and delete files Download file from the Internet
This worm arrives by connecting affected removable drives to a system. It may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It may be
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF