Search

download and execute arbitrary files, and update itself. Variants may also check for AV-related files in the infected computer. Some ZAPCHAST variants use an IRC client to perform backdoor routines. This

and status updates Backdoor Routine This worm executes the following commands from a remote malicious user: Block DNS Create processes Download other files Insert iFrame tags into HTML files Join an IRC

a remote malicious user: Update itself Join/Leave an IRC channel Download other files Perfrom Slowloris, UDP, and SYN flooding Create processes It connects to the following URL(s) to send and receive

This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file

This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: TROJ_BAGLE TROJ_POLYCRYPT WORM_SDBOT

A worm is a malware that is designed to propagate and spread across networks. Worms are known to propagate using one or several of different transmission vectors like email, IRC, network shares,

automated analysis system. Backdoor:Win32/Bifrose.gen!C (Microsoft); IRC Trojan (Symantec); Trojan.Win32.Buzus.Gen (Sunbelt); Trojan horse BackDoor.Generic9.AEGJ (AVG)

output of the command interpreter to data from certain IRC server (Datapipe) Manage SQL databases Execute PHP code Remove itself from the server Scan FTP accounts for weak passwords using brute force and

This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

}.30.11 It does the following: Connect to IRC server. Download files. Receive commands from remote user. Backdoor.Perl.Shellbot.B (BITDEFENDER)

}.3.19 It does the following: Connect to IRC server. Download files. Receive commands from remote user. Backdoor:Perl/Shellbot.S (Microsoft); Backdoor.Perl.Shellbot.au (Kaspersky); Perl/IRCBot.I!tr

via an automated analysis system. VirTool:Win32/DelfInject [non_writable_container] (Microsoft); BackDoor-DOQ.gen.w (McAfee); IRC Trojan (Symantec); Backdoor.Win32.BlackHole.bf (Kaspersky);

siteadvisor.com avgthreatlabs.com safeweb.norton.com This backdoor connects to a certain IRC server using a specific port and joins a channel where it receives commands from a malicious user. It sends the following

This worm may be downloaded by other malware/grayware/spyware from remote sites. It uses the Windows Task Scheduler to add a scheduled task that executes the copies it drops. It executes commands

This worm may be downloaded by other malware/grayware/spyware from remote sites. It uses the Windows Task Scheduler to add a scheduled task that executes the copies it drops. It executes commands

monitors the following browsers: Flock Opera Google Chrome Internet Explorer Mozilla Firefox It has the following backdoor capabilities: Join an IRC channel Update itself Download other files Perfrom

Description Name: APT - ZAPCHAST - HTTP (Request) . ZAPCHAST variants often arrive as an attachment to spammed messages. Once the malware has been executed, it creates a backdoor which gives an attacker access to the infected computer. It can also do...