Search
Keyword: worm_rbot.qp
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
To get a one-glance comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown below. This worm may arrive bundled with malware packages as a malware component. It may be
This worm and its variant CODERED.B pose minimal risk to most PCs. It uses a remote buffer overflow vulnerability in Internet Information Service (IIS) Web Servers that can give system-level
networks from threats like Conficker/DOWNAD. What is Conficker/DOWNAD? Conficker/DOWNAD first reared its ugly head in the threat landscape in November 2008. The worm then took advantage of the Server Service
http://SJC1-TE-CMSAP1.sdi.trendnet.org/dumpImages/2911201225434.gif The VOBFUS family of worms is known for their download and propagation routines, which allowed them to gain prominence, as can be
Upon execution, this worm sends an HTTP request to its C&C to download a file. It saves the downloaded file as %Current%\123.tmp , which contains a download link of a torrent file pointing to a
This worm arrives by connecting affected removable drives to a system. It may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while
This worm arrives via peer-to-peer (P2P) shares. It arrives via removable drives. It arrives by accessing affected shared networks. It arrives on a system as a file dropped by other malware or as a
This worm drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Installation
This worm drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Installation
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops copies of itself
This worm may be dropped by other malware. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Arrival Details This worm
http://SJC1-TE-CMSAP1.sdi.trendnet.org/dumpImages/1712012103631.jpeg WORM_DORKBOT or NgrBot is an Internet Relay Chat (IRC) bot used for distributed denial-of-service (DDoS) attacks. It became
.ZIP, .RAR and .RAR SFX. Reminiscent of WORM_PROLACO , this worm can spread across password-protected archive files and bypass archive files’ built-in security. What does WORM_PIZZER.SM do to an infected
applications. This worm also downloads a backdoor, detected by Trend Micro as BKDR_BIFROSE.SMU . It also deletes services that disable antivirus applications, rendering the affected system unprotected.
This worm uses Remote Desktop Protocol (RDP) for its propagation routines. This worm registers ntshrui.dll (copy of clb.dll) as a service by creating the a certain registry. It then adds this service
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm may arrive via network shares.
This worm arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives by connecting affected removable drives to a system. It arrives via removable
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. The dropped file is injected in all running processes. It