Search
Keyword: irc generic
\wintask.exe (Note: %Windows% is the Windows folder, which is usually C:\Windows.) This report is generated via an automated analysis system. Backdoor:IRC/Evilbot (Microsoft); BackDoor-OG (McAfee); IRC Trojan
unknowingly by users when visiting malicious sites. Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}et.{BLOCKED}texist.org {BLOCKED}stick.{BLOCKED}ns-remote.com It joins
Description Name: Public IRC C&C domain - DNS (Response) . This is Trend Micro detection for packets passing through DNS network protocols that manifests unusual behavior which can be a potential intrusion. Below are some indicators of unusual behavi...
strings in their names: OTSP WC32 WCUN WINC Backdoor Routine This file infector connects to any of the following IRC server(s): ilo.{BLOCKED}z.pl ant.{BLOCKED}z.pl HOSTS File Modification This file infector
\ Windows\CurrentVersion\Run Windongs = "{Malware Path and File Name}" Backdoor Routine This backdoor connects to any of the following IRC server(s): {BLOCKED}n.{BLOCKED}s.cat It accesses a remote Internet
Description Name: APT - ZAPCHAST - HTTP (Request) . ZAPCHAST variants often arrive as an attachment to spammed messages. Once the malware has been executed, it creates a backdoor which gives an attacker access to the infected computer. It can also do...
\. It is also where the operating system is located.) This report is generated via an automated analysis system. Trojan:Win32/Agent (Microsoft); Generic PWS.sd (McAfee); IRC Trojan (Symantec);
remove itself Download and execute files Perform HTTP and FTP operations to download and execute files Inject code into the file, TCPIP.SYS Perform IRC commands Other Details This Trojan does the
backdoor application can download and execute its updated copy or other malware, gather system information, and stop or start services. It also joins the IRC channel #AllNiteCafe . Trend Micro advises users
]:MotherboardMonitor., IRC/Flood.c, [ (McAfee); IRC Trojan (Symantec); ARC:CAB, Backdoor.IRC.Zapchast, Backdoor.IRC.Zapchast.a, Backdoor.IRC.Sliv.d, [cl]:Backdoor.IRC.Zapc (Kaspersky); Backdoor.IRC.Zapchast (Sunbelt);
" File Infection This file infector infects the following file types: EXE SCR It appends its codes to target files. Backdoor Routine This file infector connects to any of the following IRC server(s):
(McAfee); IRC Trojan (Symantec); Backdoor.Win32.Poison.aetv (Kaspersky); BehavesLike.Win32.Malware.wsc (mx-v) (Sunbelt); Virtool.21688 (FSecure)
generated via an automated analysis system. PWS:Win32/Coced.2_38 (Microsoft); PWS-BR.gen (McAfee); IRC Trojan (Symantec); Trojan-PSW.Win32.Coced.238.a (Kaspersky); Trojan.Win32.Generic!BT (Sunbelt); Trojan
(McAfee); IRC Trojan (Symantec); Trojan.Win32.Agent.dlo (Kaspersky); Trojan.Win32.Generic!BT (Sunbelt); Trojan.Generic.84929 (FSecure)
via an automated analysis system. VirTool:Win32/DelfInject [non_writable_container] (Microsoft); BackDoor-DOQ.gen.w (McAfee); IRC Trojan (Symantec); Backdoor.Win32.BlackHole.bf (Kaspersky);
an automated analysis system. Backdoor:Win32/Litmus.dr (Microsoft); MultiDropper-BD (McAfee); IRC Trojan (Symantec); Trojan-Dropper.Win32.Small.e, Trojan-Dropper.Win32.Small.e (Kaspersky);
\system32\winlogon.exe = "\??\C:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1" Backdoor Routine This file infector connects to any of the following IRC server(s): {BLOCKED}c.{BLOCKED}ef.pl Download
Description Name: IRCBOT - Nickname - IRC - Variant 1 . This is Trend Micro detection for packets passing through any network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some ind...
folder to view files shell\open=Explore shell\open\command={hostname}\{hostname}\{hostname}v18 shell\open\default=1 Backdoor Routine This worm connects to any of the following IRC server(s): {BLOCKED}d.
Backdoor Routine This worm connects to any of the following IRC server(s): {BLOCKED}6.{BLOCKED}rog.su {BLOCKED}4.{BLOCKED}ore.su {BLOCKED}8.{BLOCKED}ore.su {BLOCKED}6.{BLOCKED}ore.su {BLOCKED}0.{BLOCKED