Search
Keyword: irc_gleep.a
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Backdoor Routine This Backdoor connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED
}p3.com It joins any of the following IRC channel(s): #unk It executes the following commands from a remote malicious user: Update copy Download other files Execute a file Check malware's status DDOS
source of the DoS attack SPOOFS {subnet} - changes spoofing to a subnet GET {HTTP address} {save as} - this downloads and saves a file IRC {command} - this sends commands to the IRC server SH {command} -
This Trojan may be hosted on a website and run when a user accesses the said website. Arrival Details This Trojan may be hosted on a website and run when a user accesses the said website. Other
}es.xxx It joins any of the following IRC channel(s): #test3 #test5 #test4 It accesses a remote Internet Relay Chat (IRC) server where it receives the following commands from a remote malicious user:
{BLOCKED}es.xxx It joins any of the following IRC channel(s): #test3 #test5 #test4 It accesses a remote Internet Relay Chat (IRC) server where it receives the following commands from a remote malicious user:
It joins any of the following IRC channel(s): #test5 #test3 It accesses a remote Internet Relay Chat (IRC) server where it receives the following commands from a remote malicious user: (DOWNLOAD) -
This worm arrives by connecting affected removable drives to a system. It arrives via peer-to-peer (P2P) shares. It arrives on a system as a file dropped by other malware or as a file downloaded
IRC channel(s): #id It executes the following commands from a remote malicious user: Block DNS Create processes Download other files Insert iFrame tags into HTML files Join an IRC channel Log in to FTP
and Logout of the Bot Terminate Bot Restart the bot Send an email DNS lookup Download a file Execute a command Get system information Execute php code TCP and UDP flood attack IRC Command Change
This backdoor may be dropped by other malware. It executes when a user accesses certain websites where it is hosted. Arrival Details This backdoor may be dropped by other malware. It executes when a
}ore.su It executes the following commands from a remote malicious user: Create/Open/Delete Files Create/Terminate Process Download/Upload files Join IRC Download Routine This worm accesses the following
following IRC channel(s): test3 It accesses a remote Internet Relay Chat (IRC) server where it receives the following commands from a remote malicious user: [Quit] - Terminate itself [Help] - Print Commands
following Internet Relay Chat (IRC) channels: #muh{BLOCKED} It executes the following commands from a remote malicious user: SH - execute shell command IRC - send arbitrary irc command to server HELP - send
Chat (IRC) server where it receives the following commands from a remote malicious user: Download and execute arbitrary files Join other IRC channel Uninstall itself Download Routine This worm saves the
any of the following Internet Relay Chat (IRC) servers: {BLOCKED}.{BLOCKED}.105.87 1337hub.{BLOCKED}me.net It joins any of the following IRC channel(s): #.# It accesses a remote Internet Relay Chat (IRC
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward. It drops copies
following ports: 7081 It connects to any of the following IRC server(s): d.{BLOCKED}book.com It may also connect to Internet Relay Chat (IRC) servers and receive commands from a remote user. Denial of Service
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF