Search
Keyword: usojan.perl.malxmr.uwejs
This malware is involved in the Bash Vulnerability Exploit attack of September 2014. It is capable of compromising an affected system's security by carrying out commands made by a malicious remote
This Backdoor may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to Internet Relay Chat (IRC) servers. It
This backdoor may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This backdoor is downloaded and installed in systems via malicious URL. It is installed with a miner. This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded
{BLOCKED}-remote.com/kisses.tar.gz # tar xzvf kisses.tar.gz # perl linda.pl
Arrival Details This Trojan may be downloaded from the following remote site(s): http://{BLOCKED}5.{BLOCKED}4.184.150/404.cgi NOTES: It contains embedded malware ELF_ROOPRE.A, which will be executed
This backdoor executes commands from a remote malicious user, effectively compromising the affected system. Arrival Details This backdoor may be downloaded from the following remote site(s): http://
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It joins an Internet Relay Chat (IRC) channel. Arrival
This malware figures in a Shellshock-related SMTP attack. To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram shown below. This backdoor executes
!killall - Terminate all Perl processes !reset - Reconnect to IRC server !jo - Join a channel !part - Leave a channel !nick - Change nickname !pid - Send fake process name and process ID ! - Execute a shell
arbitrary shell commands from a remote user Once this PERL script is installed, the remote user may then launch a backdoor on the affected system. Opening the page, the malicious user is shown the following
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to a website to send and receive
This backdoor comes bundled with a Monero miner, both spread by a botnet. The techniques employed are reminiscent of the Outlaw hacking group that Trend Micro reported in November 2018. This Backdoor
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Coinminer arrives as a component bundled with malware/grayware packages. Arrival Details This Coinminer arrives as a component bundled with malware/grayware packages. Installation This Coinminer
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Coinminer arrives on a system as
This is the detection for exploit codes that takes advantage of a vulnerability in the hosting control panel Plesk. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the