Search
Keyword: IRC_IRCFLOOD.X
not infect files with certain characteristics. It also searches for target script files for iframe infection. Infected script files are detected as HTML_IFRAME.SMV. It connects to certain IRC servers
This worm connects to specific IRC channels and uses the nick n3t . It creates the mutex "S3xY!" for its main executable. It may execute certain commands from a remote malicious user. This Trojan
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}c.
\Wilbert %User Profile%\Application Data\irc (Note: %System Root% is the Windows root folder, where it usually is C:\ on all Windows operating system versions.. %User Profile% is the current user's profile
sites hosting remote copies of itself using the following instant-messaging (IM) applications: Yahoo XFire Skype PalTalk ICQ GTalk MSN Backdoor Routine This worm connects to any of the following IRC
following files: .DLL files PE Files with _win section name Files with infection marker Backdoor Routine This file infector connects to any of the following IRC server(s): ru.{BLOCKED}s.pl core.{BLOCKED
Description Name: Transmitted executable or script file - IRC (Request) . This is Trend Micro detection for packets passing through IRC network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of...
Description Name: Executable file sent from/to non-standard port - IRC (Request) . This is Trend Micro detection for packets passing through IRC network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indi...
Description Name: Session using standard port - IRC . This is Trend Micro detection for packets passing through IRC network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual behavior...
Description Name: DDOS Tool Detected - LOIC . This is Trend Micro detection for packets passing through IRC network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:Suspicious...
Description Name: Public C&C IP address - IRC (Request) . This is Trend Micro detection for packets passing through IRC network protocols that manifests Callback activities which can be a potential intrusion. Below are some indicators of unusual beha...
banking sites. DORKBOT variants are capable of launching denial-of –service (DDoS) attacks. In order to do so, it accepts commands from its controller by connecting to and joining IRC chatrooms. Analysis
This worm arrives by connecting affected removable drives to a system. It may be unknowingly downloaded by a user while visiting malicious websites. It adds registry entries to enable its automatic
This worm arrives via peer-to-peer (P2P) shares. It arrives via removable drives. It arrives by accessing affected shared networks. It arrives on a system as a file dropped by other malware or as a
the drives of an affected system. Backdoor Routine This worm connects to any of the following IRC server(s): bk1.{BLOCKED}h.cx It accesses a remote Internet Relay Chat (IRC) server where it receives the
\wintask.exe (Note: %Windows% is the Windows folder, which is usually C:\Windows.) This report is generated via an automated analysis system. Backdoor:IRC/Evilbot (Microsoft); BackDoor-OG (McAfee); IRC Trojan
of the following IRC server(s): irc.{BLOCKED}ini.net HOSTS File Modification This worm modifies the affected system's HOSTS files to prevent a user from accessing the following websites:
following IRC server(s): irc.{BLOCKED}e.com NOTES: This worm drops copies of itself in the following folders used in peer-to-peer networks: {folder path}\kazaa\my shared folder\ {folder path}\kazaa lite\my
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a