Search
Keyword: IRC_IRCFLOOD.X
\ Windows\CurrentVersion\Run Wincpa or Windongs = "{Malware Path and File Name}" Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED}.249.189:443 epic.dildoes.xxx
\ Windows\CurrentVersion\Run Wincpa or Windongs = "{Malware Path and File Name}" Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED}.249.189:443 epic.{BLOCKED
\default=1 useautoplay=1 Backdoor Routine This Worm connects to any of the following IRC server(s): http://j52.coax-{BLOCKED}-{BLOCKED}.su http://j65.coax-{BLOCKED}-{BLOCKED}.su http://j30.bull-{BLOCKED}-
Send raw IRC command Start remote shell NOTES: This backdoor changes its process name to apache2 and clears its command line. It creates and locks the file /tmp/.z to ensure that only one copy of itself
\ Windows\CurrentVersion\Run Windongs = "{Malware Path and File Name}" Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}n.{BLOCKED}s.cat It accesses a remote Internet
Backdoor Routine This worm connects to any of the following IRC server(s): {BLOCKED}6.{BLOCKED}rog.su {BLOCKED}4.{BLOCKED}ore.su {BLOCKED}8.{BLOCKED}ore.su {BLOCKED}6.{BLOCKED}ore.su {BLOCKED}0.{BLOCKED
Pidgin Windows Live Messenger MSN Messenger Windows Messenger Backdoor Routine This worm executes the following commands from a remote malicious user: Join an IRC channel Send private messages on IRC
http://2{BLOCKED}.223/ji http://7{BLOCKED}.69/ec.z This malware arrives via the following means: CVE-2014-6271 Backdoor Routine This Backdoor connects to any of the following IRC server(s): {BLOCKED}d.
Disconnect from the IRC server and terminate self join - Join a channel part - Leave a channel reset - Disconnect from the IRC server voice - Grant a user the voice status owner - Grant a user channel
\Shell\ open\ddeexec\Topic HKEY_LOCAL_MACHINE\Software\Classes\ irc HKEY_LOCAL_MACHINE\Software\Classes\ irc\DefaultIcon HKEY_LOCAL_MACHINE\Software\Classes\ irc\Shell\open\ command HKEY_LOCAL_MACHINE
"msnmsngr.exe" Backdoor Routine This backdoor connects to any of the following IRC server(s): bilal2.{BLOCKED}s.net It joins any of the following IRC channel(s): #hell It executes the following command(s) from a
\ChatFile\Shell\ open\ddeexec\ifexec HKEY_CLASSES_ROOT\ChatFile\Shell\ open\ddeexec\Topic HKEY_LOCAL_MACHINE\Software\Classes\ irc HKEY_LOCAL_MACHINE\Software\Classes\ irc\DefaultIcon HKEY_LOCAL_MACHINE
Backdoor does the following: perform DDOS flooding and using XMAS packets. Uses the IRC nickname with the following format: [NU|LNX|{composed of either F,T,H or U}]{random digit} Register itself in
\ Windows\CurrentVersion\Run Windongs = "{malware path and file name}" Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED}.cat It accesses a remote Internet
when accessing its IRC server: NICK: zwin-{random value}|{random number}| NOTES: This backdoor joins an IRC server where it sends and receives its backdoor commands: ddos.cat IRC Network It connects to
Virus found Dear user {name of recipient}, It has come to our attention that your {email account of user} User Profile ( x ) records are out of date. For further details see the attached document. Thank
Simultaneous IGMP, ICMP, UDP and TCP flooding on open ports with statistic report IRC Control: join → join a specified channel part → leave a specified channel rejoin → leave then rejoin a specified channel op
removable drives. It uses the following file names for the copies it drops into shared networks: facebook.exe msn.exe setup.exe NOTES: This malware connects to the following remote IRC server using port 6667:
clear log files Terminate the bot Disconnect the bot from IRC Send a message to the IRC server Let the bot perform mode change Change BOT ID Display connection type, local IP address, and other net
This is an AndroidOS malware with backdoor capabilities. It drops a file that creates an IRC connection where it receives commands, thus compromising the affected system's security for the user. It