Search
Keyword: IRC_IRCFLOOD.X
14988 Total Search |
Showing Results : 1 - 20
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It requires its main component to successfully perform
\ChatFile\Shell\ open\ddeexec\ifexec HKEY_CLASSES_ROOT\ChatFile\Shell\ open\ddeexec\Topic HKEY_LOCAL_MACHINE\Software\Classes\ irc HKEY_LOCAL_MACHINE\Software\Classes\ irc\DefaultIcon HKEY_LOCAL_MACHINE
]:MotherboardMonitor., IRC/Flood.c, [ (McAfee); IRC Trojan (Symantec); ARC:CAB, Backdoor.IRC.Zapchast, Backdoor.IRC.Zapchast.a, Backdoor.IRC.Sliv.d, [cl]:Backdoor.IRC.Zapc (Kaspersky); Backdoor.IRC.Zapchast (Sunbelt);
vexaa.{BLOCKED}th.cx It joins any of the following IRC channel(s): #kleber #kaiten #kromex #dlink #dlink_key Download Routine This backdoor downloads updated copies of itself from the following websites:
It drops component files detected as BKDR_IRCFLOOD.CN and TROJ_LAMEWAR.VTG. This worm arrives as a component bundled with malware/grayware packages. It may be unknowingly downloaded by a user while
\Microsoft\ Windows\CurrentVersion\Run Divx = "divwinx.exe" Backdoor Routine This Backdoor connects to any of the following IRC server(s): Irc.{BLOCKED}et.org pro.{BLOCKED}r.net It accesses a remote Internet
This Hacking Tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Hacking Tool arrives on a
as> - Downloads a file off the web and saves it onto the hd VERSION - Requests version of client KILLALL - Kills all current packeting HELP - Displays this IRC <command> - Sends this command to
\CLSID\{11347ACA-6019-BD37-83C6-A3C16253F96A} NHmoOnuxYPLxe = "k`ikUP" HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ Licenses {IEE1F7440C4EA354A} = "X\x00\x00\x00" HKEY_LOCAL_MACHINE\SOFTWARE\Classes
FAKEAV. SDBOT's backdoor capabilities allows other commands and functions to be performed on the infected computer. These commands may include: Check malware's status Disconnect the bot from IRC Generate a
{645FF040-5081-101B-9F08-00AA002F954E}\tmpmon-t829058.xtc ;garbage characters useautoplay=1 ;garbage characters Backdoor Routine This worm connects to any of the following IRC server(s): {BLOCKED}-0.level4-co2-as30938.su {BLOCKED
Backdoor Routine This worm connects to any of the following Internet Relay Chat (IRC) servers: s27.{BLOCKED}ids.su It joins any of the following IRC channel(s): ##ops It executes the following commands from
{23F24C31-568D-461D-B5CA-13393D19909A} = "%Application Data%\{23F24C31-568D-461D-B5CA-13393D19909A}\hdg.exe" Backdoor Routine This backdoor connects to any of the following IRC server(s): epic.{BLOCKED}s.xxx irc1.{BLOCKED}-wow.com It
This backdoor connects to specific IRC server and joins a particular IRC channel. It is capable of receiving and executing specific commands from the IRC server. This backdoor arrives on a system as
wwwadmin Backdoor Routine This worm connects to any of the following IRC server(s): Irc.{BLOCKED}z.com It joins any of the following Internet Relay Chat (IRC) channels: ##synfu## ##flash## #~priv~# #~cevi~#
!killall - Terminate all Perl processes !reset - Reconnect to IRC server !jo - Join a channel !part - Leave a channel !nick - Change nickname !pid - Send fake process name and process ID ! - Execute a shell
execute arbitrary files Perform Denial of Service attack (SYN flood) Join other IRC channel Uninstall itself Download Routine This worm saves the files it downloads using the following names: %Application
#007 It accesses a remote Internet Relay Chat (IRC) server where it receives the following commands from a remote malicious user: IRC Control: join → join a specified channel part → leave a specified
\ Windows\CurrentVersion\Run Wincpa or Windongs = "{Malware Path and File Name}" Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED}.249.189:443 {BLOCKED}c.