Search
Keyword: usojan.perl.malxmr.uwejs
This malware is involved in the Bash Vulnerability Exploit attack of September 2014. It is capable of compromising an affected system's security by carrying out commands made by a malicious remote
This backdoor may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This Backdoor may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to Internet Relay Chat (IRC) servers. It
This backdoor is downloaded and installed in systems via malicious URL. It is installed with a miner. This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded
{BLOCKED}-remote.com/kisses.tar.gz # tar xzvf kisses.tar.gz # perl linda.pl
Arrival Details This Trojan may be downloaded from the following remote site(s): http://{BLOCKED}5.{BLOCKED}4.184.150/404.cgi NOTES: It contains embedded malware ELF_ROOPRE.A, which will be executed
!killall - Terminate all Perl processes !reset - Reconnect to IRC server !jo - Join a channel !part - Leave a channel !nick - Change nickname !pid - Send fake process name and process ID ! - Execute a shell
This malware figures in a Shellshock-related SMTP attack. To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram shown below. This backdoor executes
arbitrary shell commands from a remote user Once this PERL script is installed, the remote user may then launch a backdoor on the affected system. Opening the page, the malicious user is shown the following
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to a website to send and receive
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It joins an Internet Relay Chat (IRC) channel. Arrival
This backdoor executes commands from a remote malicious user, effectively compromising the affected system. Arrival Details This backdoor may be downloaded from the following remote site(s): http://
This backdoor comes bundled with a Monero miner, both spread by a botnet. The techniques employed are reminiscent of the Outlaw hacking group that Trend Micro reported in November 2018. This Backdoor
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Coinminer arrives as a component bundled with malware/grayware packages. Arrival Details This Coinminer arrives as a component bundled with malware/grayware packages. Installation This Coinminer
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Coinminer arrives on a system as
This is the detection for exploit codes that takes advantage of a vulnerability in the hosting control panel Plesk. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the