Search
Keyword: irc generic
This is Trend Micro detection for packets passing through IRC network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicators of an infected host:Excessive spamming, exploit ...
This is Trend Micro detection for packets passing through IRC network protocols that can be used as Point of Entry or Lateral Movement. This also indicates a malware infection. Below are some indicators of an infected host:Excessive spamming, exploit...
This backdoor may be hosted on a website and run when a user accesses the said website.It executes commands from a remote malicious user, effectively compromising the affected system.
This backdoor may be hosted on a website and run when a user accesses the said website.It executes commands from a remote malicious user, effectively compromising the affected system.
ZAPCHAST variants often arrive as an attachment to spammed messages. Once the malware has been executed, it creates a backdoor which gives an attacker access to the infected computer. It can also download and execute arbitrary files, and update itsel...
This file infector may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites.
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.It runs certain commands that it receives remotely from a malicious user. Doing this puts the affected co...
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.It executes then deletes itself afterward.It drops an AUTORUN.INF file to au...
This Trojan arrives as a dropped file by a variant of the WORM_QAKBOT family.This is the general configuration file that is part of the QAKBOT package. Once decrypted, it typically contains the following information on the reference to the components...
This backdoor deletes autostart registry entries associated with the processes it terminates to completely disable applications.It may also connect to Internet Relay Chat (IRC) servers and receive commands from a remote user.It deletes the file(s) a...
This malware is part of an attempted PHP backdoor attack via spam that took place on March 2014. Users affected by this malware would be shown a user interface of the malware's control panel, which shows its backdoor capabilities.To get a one-glance ...
This file infector may be downloaded by other malware/grayware/spyware from remote sites. It may be manually installed by a user.It infects by appending its code to target host files.
This Worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.However, as of this writing, the said sites are inaccessible.It terminates i...
It sends messages that contain links to sites hosting remote copies of itself using specific instant-messaging (IM) applications.This worm arrives via removable drives. It may be dropped by other malware. It may be unknowingly downloaded by a user w...
However, as of this writing, the said sites are inaccessible.It appends its codes to target files.
This backdoor may be dropped by other malware. It arrives as a component bundled with malware/grayware packages. It may be unknowingly downloaded by a user while visiting malicious websites.It connects to a website to send and receive information.It...
This backdoor may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites.It sends the information it gathers to remote sites.
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.It drops an AUTORUN.INF file to automatically execute the copies it drops wh...
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.It drops an AUTORUN.INF file to automatically...