Search
Keyword: IRC_IRCFLOOD.X
This hacking tool does the following: It is an open-source program that allows a user to configure a bot to perform routines. It is capable of connecting to an IRC server, and sending or receiving input
PERL_SHELLBOT.SM connects to this IRC server(s).
PERL_SHELLBOT.SM connects to this IRC server(s).
PERL_SHELLBOT.SM connects to this IRC server.
PERL_SHELLBOT.SM connects to this IRC server.
instant-messaging (IM) applications: AIM MSN TIM Backdoor Routine This worm connects to any of the following IRC server(s): {BLOCKED}i.com It joins any of the following IRC channel(s): #!NN!#
webroot. wilderssecurity windowsupdate NOTES: This worm's configuration file contains the following information: FTP hosts (upload sites) Infection log IRC data Reference to the components and their
the following information: Reference to the components and their corresponding random file names in the system IRC data FTP hosts (upload sites) infection log It is capable of monitoring the browsing
configuration file contains the following information: FTP hosts (upload sites) Infection log IRC data Reference to the components and their corresponding random file names in the system It is capable of
their corresponding random filenames in the system IRC data FTP hosts (upload sites) Infection log It is capable of monitoring the browsing activities of the affected computer and logs all information
system P2P node IRC data (port, nick, password) FTP hosts (upload sites) configuration file version infection logs This backdoor may be downloaded from remote sites by other malware. Arrival Details This
It sends messages that contain links to sites hosting remote copies of itself using specific instant-messaging (IM) applications. This worm arrives via removable drives. It may be dropped by other
Password-protected sites Download its configuration file from a certain site that contains FTP or IRC information used for its backdoor routine. It may open random ports where it connect to a remote server through the
This malware tries to connect to websites. If the connection is succesful, the malware joins the channel #!nn! to send and receive information from its IRC C&C server. The malware can also
and their corresponding random filenames in the system IRC data FTP hosts (upload sites) Infection log It accepts the following parameters: /i - drop the dll and config file to current directory /s -
%Application Data%\svchost.exe"" Backdoor Routine This worm opens the following port(s) where it listens for remote commands: TCP 6667 It connects to any of the following IRC server(s): {BLOCKED}c.{BLOCKED}s.com
Google Talk MSN Messenger Paltalk XFire Backdoor Routine This worm connects to any of the following IRC server(s): {BLOCKED}4.{BLOCKED}awanta.su It joins any of the following IRC channel(s): #t8nted
This worm arrives by connecting affected removable drives to a system. It may be unknowingly downloaded by a user while visiting malicious websites. It is injected into all running processes to
where it listens for remote commands: 23232 It connects to any of the following IRC server(s): {BLOCKED}gels-agency.nl It joins any of the following IRC channel(s): #wWw# It executes the following
batch file as %Current%\untitled1.bat . It aids in modifying (hiding/unhiding) attributes of IRC nicknames that it uses by using the DOS command "attrib." This Trojan may be dropped by other malware.