Search
Keyword: IRC_Generic
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
\System32 on Windows XP and Server 2003.) This report is generated via an automated analysis system. VirTool:WinNT/Knockex.D (Microsoft); Generic Downloader.x!eej (McAfee); IRC.Backdoor.Trojan (Symantec);
TrojanDownloader:Win32/Tonick.gen (Microsoft); Generic BackDoor.f (McAfee); Backdoor.IRC.Bot (Symantec); Trojan-Downloader.Win32.VB.dck, Trojan-Downloader.Win32.VB.dck (Kaspersky); Trojan.Win32.Generic!BT (Sunbelt);
NOTES: This worm is capable of performing the following commands: Connect to an IRC channel Create processes Create threads Download files Kill threads Propagate itself via MSN Messenger Scan ports Scan
connects to any of the following IRC server(s): http://{BLOCKED}trocked.servequake.com It executes the following commands from a remote malicious user: Download and execute files Get drive information such
HTML files Join an IRC channel Log in to FTP sites Modifies the following system files: ipconfig.exe verclsid.exe regedit.exe rundll32.exe cmd.exe regsvr32.exe Perfrom Slowloris, UDP, and SYN flooding
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
Generic Dropper.pd (McAfee); Infostealer (Symantec); Trojan-Spy.Win32.Webmoner.ada (Kaspersky); TrojanDropper.Win32.Swisyn.B (fs) (Sunbelt); Trojan horse IRC/BackDoor.SdBot4.RHL (AVG)
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
VirTool:Win32/DelfInject.gen!X (Microsoft); PWS-LDPinch.a!hv (McAfee); IRC Trojan (Symantec); PAK:UPX, Packed.Win32.CPEX-based.eq (Kaspersky); Packed.Win32.ExeFlasher (v) (Sunbelt); Application.Generic.176086 (FSecure)
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a