Search
Keyword: irc generic
PERL_SHELLBOT.SM connects to this IRC server(s).
PERL_SHELLBOT.SM connects to this IRC server(s).
PERL_SHELLBOT.SM connects to this IRC server(s).
PERL_SHELLBOT.SM connects to this IRC server(s).
PERL_SHELLBOT.SM connects to this IRC server(s).
Description Name: DDOS Tool Detected - LOIC . This is Trend Micro detection for packets passing through IRC network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavior:Suspicious...
PE_VIRUX.AA-O connects to this IRC server using UDP and TCP port 80.
PE_VIRUX.AA-O connects to this IRC server using UDP and TCP port 80.
system P2P node IRC data (port, nick, password) FTP hosts (upload sites) configuration file version infection logs This backdoor may be downloaded from remote sites by other malware. Arrival Details This
batch file as %Current%\untitled1.bat . It aids in modifying (hiding/unhiding) attributes of IRC nicknames that it uses by using the DOS command "attrib." This Trojan may be dropped by other malware.
following information on the reference to the components and their corresponding random filenames in the system, IRC data, FTP hosts (upload sites) and infection logs. Arrival Details This malware arrives via
\ Windows\CurrentVersion\Run Wincpa = "{Malware Path and Filename}.exe" Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}9.{BLOCKED}9.249.189 It joins any of the
from the following remote site(s): http://{BLOCKED}.{BLOCKED}.67.223/jur Backdoor Routine This Trojan connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED}.209.84:443 It joins any of the
\ ChatFile\Shell\open\ ddeexec\ifexec HKEY_CURRENT_USER\Software\Classes\ ChatFile\Shell\open\ ddeexec\Topic HKEY_CURRENT_USER\Software\Classes\ irc HKEY_CURRENT_USER\Software\Classes\ irc\DefaultIcon
commands from bot masters. IRC bots issue commands via IRC communication protocol to allow cybercriminals to can send commands to infected systems. These bots became rampant during the outbreak era . They
joins any of the following IRC channel(s): #xwar It executes the following command(s) from a remote malicious user: create random nickname for itself terminate/kill IRC application Logout Get IRC version
instant-messaging (IM) applications: AIM MSN TIM Backdoor Routine This worm connects to any of the following IRC server(s): {BLOCKED}i.com It joins any of the following IRC channel(s): #!NN!#
following IRC channel(s): irc.{BLOCKED}-newbie.org:6667 It joins any of the following Internet Relay Chat (IRC) channels: #xrt It accesses a remote Internet Relay Chat (IRC) server where it receives the
commands: TCP 1685 It connects to any of the following IRC server(s): {BLOCKED}ro.ru It joins any of the following IRC channel(s): #infe Other Details This backdoor connects to the following URL(s) to get the
=Open shell\open\command=RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\unek.exe shell\open\default=1 Backdoor Routine This worm connects to any of the following IRC server(s): unek.{BLOCKED