Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
|
google unix.com
|
|||||||
| Forums | Register | Forum Rules | Links | Albums | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
| Malware Advisories (RSS) Malware Security Advisories Via RSS |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Troj_mdrop.ao | iBot | Malware Advisories (RSS) | 0 | 04-11-2008 04:00 PM |
| Troj_mdrop.ah | iBot | Malware Advisories (RSS) | 0 | 03-14-2008 06:30 AM |
Powered by 
|
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
03-06-2008
|
|||||
|
|||||
|
Troj_mdrop.ah
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
 Malware OverviewThis Trojan arrives as attachment to email messages spammed by another malware or a malicious user. It may be dropped by other malware and may be downloaded unknowingly by a user when visiting malicious Web site(s). It takes advantage of a known vulnerability in Microsoft Excel that allows remote code execution. More information on the said vulnerability is available here. Once it successfully exploits the said vulnerability, it executes a shell code that allows it to drop any of several embedded files on the affected system, including BKDR_AGENT.SNI, BKDR_PCCLIEN.AAA, TROJ_SMALL.DCJ, and BKDR_PCCLIEN.AJT. It then executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. More... |
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Threaded Mode
