|
|
|
|||||||
| Home | Forums | Register | Rules & FAQ | Members List | Arcade | Search | Today's Posts | Mark Forums Read |
| Malware Advisories (RSS) Malware Security Advisories Via RSS |
Other UNIX.COM Threads You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Bkdr_sinowal.cf | iBot | Malware Advisories (RSS) | 0 | 05-03-2008 09:20 AM |
 |
|
|
Submit Tools | LinkBack | Thread Tools | Search this Thread | Display Modes |
05-02-2008
|
||||
|
||||
|
Bkdr_sinowal.cf
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
 Malware OverviewThis backdoor may be dropped by TROJ_SINOWAL.CB. It looks for the bootable drive of the affected system. Once found, it copies the original Master Boot Record (MBR) and saves it to another location in the hard disk. It then modifies the MBR by inserting its malicious code. It also saves some of its malicious code in other portion of the hard disk. As a result, data of the files saved in the said portion is replaced. It creates a registry entry to enable its automatic execution at every system startup. More... 
|
||||
| Google UNIX.COM |
| Forum Sponsor | ||
|
|
|
| Thread Tools | Search this Thread |
| Display Modes | |
|
|
Linear Mode
