Search
Keyword: irc generic
list Apply associated Trend Micro DPI Rules. 1000552| 1000552 - Generic Cross Site Scripting(XSS) Prevention
IRC channel to listen for remote commands from a malicious user.
Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED}.182.255 {BLOCKED}.{BLOCKED}.182.1 {BLOCKED}.{BLOCKED}.74.10 {BLOCKED}.{BLOCKED}.175.201 {BLOCKED}.{BLOCKED
Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED}.182.255 {BLOCKED}.{BLOCKED}.182.1 {BLOCKED}.{BLOCKED}.74.10 {BLOCKED}.{BLOCKED}.175.201 {BLOCKED}.{BLOCKED
contains the following once decrypted: Configuration file version FTP hosts (upload sites) Infection logs IRC data (port, nick, password) P2P node Reference to the components and their corresponding random
irc.{BLOCKED}.net It joins any of the following IRC channel(s): #DL34k3rBn3t #secAssgdf It executes the following commands from a remote malicious user: attack - perform Denial of Service (DOS) attack to
of the following routes: Via IRC Via instant messengers Via removable drives Its main objective is to execute commands on an infected computer by way of connecting to a specific IRC server and channel.
character for its USER. Once connected to the IRC server, it joins a certain channel to receive and execute commands on the affected system. This file infector arrives on a system as a file dropped by other
Backdoor does the following: perform DDOS flooding and using XMAS packets. Uses the IRC nickname with the following format: [NU|LNX|{composed of either F,T,H or U}]{random digit} Register itself in
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Backdoor Routine This Backdoor connects to any of the following IRC server(s): {BLOCKED}.{BLOCKED
P2P node IRC data (port, nick, password) FTP hosts (upload sites) configuration file version infection logs
several IRC commands. NetTool.Unix.Mech (Ikarus), NetTool.Unix.Mech.e (Kaspersky)
Backdoor Routine This Backdoor joins any of the following IRC channel(s): #{BLOCKED}t It executes the following commands from a remote malicious user: execute shell command send arbitrary irc command to
following Internet Relay Chat (IRC) channels: #muh{BLOCKED} It executes the following commands from a remote malicious user: SH - execute shell command IRC - send arbitrary irc command to server HELP - send
contain the following strings in their names: OTSP WC32 WCUN WINC Backdoor Routine This file infector connects to any of the following IRC server(s): {BLOCKED}o.brenz.pl {BLOCKED}t.trenz.pl NOTES: This file
{BLOCKED}x.com/shock/cgi Backdoor Routine This backdoor connects to any of the following IRC server(s): irc.{BLOCKED}k.tk:6667 {BLOCKED}.{BLOCKED}.50.237:6969 It joins any of the following IRC channel(s):
}.30.11 It does the following: Connect to IRC server. Download files. Receive commands from remote user. Backdoor.Perl.Shellbot.B (BITDEFENDER)
http://2{BLOCKED}.223/ji http://7{BLOCKED}.69/ec.z This malware arrives via the following means: CVE-2014-6271 Backdoor Routine This Backdoor connects to any of the following IRC server(s): {BLOCKED}d.
via the following means: It may be hosted on an IRC server Other Details This Trojan requires its main component to successfully perform its intended routine.
using Perl Script. It connects to a remote IRC server to listen and wait for commands coming from a malicious user. Once successfully connected, it can perform a number of routines including: