Search

Chat (IRC) servers: {BLOCKED}5.{BLOCKED}8.5.139 It joins any of the following IRC channel(s): #ng Other Details This worm connects to the following URL(s) to get the affected system's IP address:

following ports: 7081 It connects to any of the following IRC server(s): d.{BLOCKED}book.com It may also connect to Internet Relay Chat (IRC) servers and receive commands from a remote user. Denial of Service

Routine This worm connects to any of the following Internet Relay Chat (IRC) servers: {BLOCKED}.us.dal.net It adds an IRC script that automatically sends the following messages to everyone who accesses the

wwwadmin Backdoor Routine This worm connects to any of the following IRC server(s): Irc.{BLOCKED}z.com It joins any of the following Internet Relay Chat (IRC) channels: ##synfu## ##flash## #~priv~# #~cevi~#

of the following routes: Via IRC Via instant messengers Via removable drives Its main objective is to execute commands on an infected computer by way of connecting to a specific IRC server and channel.

This Trojan may be hosted on a website and run when a user accesses the said website. Arrival Details This Trojan may be hosted on a website and run when a user accesses the said website. Other

This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It gathers target email addresses from the Windows Address Book (WAB). It joins an

from the following remote site(s): http://{BLOCKED}.{BLOCKED}.67.223/jur Backdoor Routine This Trojan connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED}.209.84:443 It joins any of the

of the following routes: Via IRC Via instant messengers Via removable drives Its main objective is to execute commands on an infected computer by way of connecting to a specific IRC server and channel.

IRC channel(s): #id It executes the following commands from a remote malicious user: Block DNS Create processes Download other files Insert iFrame tags into HTML files Join an IRC channel Log in to FTP

following credentials when accessing its IRC server: NICK US|{random value} USER 10112{random} UNIX UNIX :{username} Worm:Win32/Colowned.A (Microsoft); W32.Colowned.A (Symantec); Win32/Colowned.C (ESET-NOD32

following IRC server(s): irc.{BLOCKED}arder.net It joins any of the following Internet Relay Chat (IRC) channels: #helltest3 Other Details This Worm does the following: It sends copies of itself as compressed

\ Windows\CurrentVersion\Run Wincpa = "{Malware Path and Filename}.exe" Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}9.{BLOCKED}9.249.189 It joins any of the

\ Windows\CurrentVersion\Run Wincpa or Windongs = "{Malware Path and File Name}" Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED}.249.189:443 epic.{BLOCKED

Description Name: IRCBOT IRC Connection - Class 3 . This is Trend Micro detection for packets passing through IRC network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicat...

Description Name: IRCBOT - Nickname - IRC - Variant 3 . This is Trend Micro detection for packets passing through IRC network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some ind...

Description Name: IRCBOT - IRC . This is Trend Micro detection for packets passing through IRC network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicators of an infected ...

Description Name: BOTNICK IRC Request - Class 1 . This is Trend Micro detection for packets passing through IRC network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicator...

Description Name: BASSBOT IRC Connection . This is Trend Micro detection for packets passing through IRC network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicators of an...

Description Name: IRCBOT - IRC (Request) . This is Trend Micro detection for packets passing through IRC network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicators of an...