Search

Internet Relay Chat (IRC) server where it receives the following commands from a remote malicious user: Download and execute arbitrary files Join other IRC channel Uninstall itself As of this writing, the

Backdoor Routine This Backdoor joins any of the following IRC channel(s): #{BLOCKED}t It executes the following commands from a remote malicious user: execute shell command send arbitrary irc command to

instant-messaging (IM) applications: XChat Windows Messenger Windows Live Communicator MSN Messenger Pidgin Backdoor Routine This worm executes the following commands from a remote malicious user: Join an IRC channel

This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file

into HTML files Join an IRC channel Log in to FTP sites Perform Slowloris, UDP, and SYN flooding Run Reverse Socks4 proxy server Send MSN Messenger messages Steal login credentials Update itself Visit a

This worm arrives by connecting affected removable drives to a system. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system.

Description Name: IRCBOT - Nickname - IRC - Variant 1 . This is Trend Micro detection for packets passing through any network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some ind...

and execute files Join another IRC server Uninstall itself Other Details This Worm does the following: It can modify the data in the clipboard. Checks the following strings in the Device Driver

from a remote malicious user: Download and execute files Join another IRC server Uninstall itself Other Details This Worm does the following: Checks the following strings in the Device Driver information

of the following IRC server(s): aa.{BLOCKED}ere.biz aa.{BLOCKED}nad.com It executes the following commands from a remote malicious user: Download and execute files Perform flooding attacks As of this

This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It is injected into all

vulnerabilities to propagate across networks: (MS08-067) Vulnerability in Server Service Could Allow Remote Code Execution (958644) Backdoor Routine This worm connects to any of the following IRC server(s):

\command=Feast\Ival\Feast.exe shell\open\default=1 Backdoor Routine This worm connects to any of the following IRC server(s): {BLOCKED}t.{BLOCKED}rk.biz {BLOCKED}t.{BLOCKED}ils.net {BLOCKED}t.{BLOCKED}c.cz

This file infector arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It may be dropped by other malware. It infects files by overwriting code in the

This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file

Backdoor Routine This worm connects to any of the following IRC server(s): {BLCOEKD}ghxxxxx.info It executes the following commands from a remote malicious user: Download and execute files Perform flooding

WINC WCUN WC32 PSTO Backdoor Routine This file infector connects to any of the following IRC server(s): proxim.{BLOCKED}axy.pl Other Details This file infector contains the following strings in its code:

This backdoor connects to Internet Relay Chat (IRC) servers. It executes commands from a remote malicious user, effectively compromising the affected system. Arrival Details This backdoor may be

of the following IRC channel(s): #rkill #pd #lo #rox It executes the following commands from a remote malicious user: Block DNS Create processes Download other files Insert iFrame tags into HTML files

Windows Live Messenger MSN Messenger Windows Messenger Backdoor Routine This worm executes the following commands from a remote malicious user: Join an IRC channel Send private messages on IRC channel