Search

Description Name: DDOS Tool Detected - LOIC . This is Trend Micro detection for packets passing through IRC network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:Suspicious...

Description Name: Session using standard port - IRC . This is Trend Micro detection for packets passing through IRC network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behavior...

Description Name: Transmitted executable or script file - IRC (Request) . This is Trend Micro detection for packets passing through IRC network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of...

Description Name: Executable file sent from/to non-standard port - IRC (Request) . This is Trend Micro detection for packets passing through IRC network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indi...

}.{BLOCKED}.173.154:9000 {BLOCKED}.{BLOCKED}.86.198:9000 It executes the following commands from a remote malicious user: Update itself Join/Leave an IRC channel Download other files Perform Slowloris,

This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It gathers target email addresses from the Windows Address

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

Pidgin Windows Live Messenger MSN Messenger Windows Messenger Backdoor Routine This worm executes the following commands from a remote malicious user: Join an IRC channel Send private messages on IRC

from a remote malicious user: Download and execute files Join another IRC server Uninstall itself Other Details This Worm does the following: Checks the following strings in the Device Driver information

This worm arrives via peer-to-peer (P2P) shares. It arrives via removable drives. It arrives by accessing affected shared networks. It arrives on a system as a file dropped by other malware or as a

into HTML files Join an IRC channel Log in to FTP sites Perform Slowloris, UDP, and SYN flooding Run Reverse Socks4 proxy server Send MSN Messenger messages Steal login credentials Update itself Visit a

This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies registry entries to disable various system

http://SJC1-TE-CMSAP1.sdi.trendnet.org/dumpImages/051120126946.jpeg Some threats are more persistent than others. They are usually developed, modified, or simply coursed through a different vector in

This worm attempts to access a certain URL where its copy is hosted. It then copies this file as {random}.exe in removable drives. It may also receive a command from a remote server to initiate

Backdoor Routine This Backdoor joins any of the following IRC channel(s): #{BLOCKED}t It executes the following commands from a remote malicious user: execute shell command send arbitrary irc command to

of the following IRC server(s): irc.{BLOCKED}ini.net HOSTS File Modification This worm modifies the affected system's HOSTS files to prevent a user from accessing the following websites:

This worm arrives via removable drives. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It drops copies of itself into network

Backdoor Routine This worm connects to any of the following IRC server(s): {BLCOEKD}ghxxxxx.info It executes the following commands from a remote malicious user: Download and execute files Perform flooding

of the following IRC channel(s): #rkill #pd #lo #rox It executes the following commands from a remote malicious user: Block DNS Create processes Download other files Insert iFrame tags into HTML files

the following IRC server(s): {BLOCKED}.{BLOCKED}.82.177 It joins any of the following IRC channel(s): #Ganja It executes the following commands from a remote malicious user: clean - removes the malware