The UNIX and Linux Forums  

Go Back   The UNIX and Linux Forums > Special Forums > Security > Malware Advisories (RSS)
Bkdr_coreflood.r Bkdr_coreflood.r
Google UNIX.COM
Forums Portal Register Forum Rules FAQContribute Members List Arcade Search Today's Posts Mark Forums Read


Malware Advisories (RSS) Malware Security Advisories Via RSS

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Bkdr_coreflood.r iBot Malware Advisories (RSS) 0 07-24-2008 09:00 PM

Reply
 
Submit Tools LinkBack Thread Tools Search this Thread Display Modes
  #1  
Old 07-25-2008
iBot's Avatar
RSS Robot Girl
  

Join Date: Sep 2000
Posts: 14,296
Bkdr_coreflood.r
This backdoor may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.

This backdoor drops several files. This backdoor is injected in a system process. It registers itself as a Browser Helper Object (BHO) to ensure its automatic execution every time Internet Explorer is run.

In WinNT, this backdoor creates multiple random CLSIDs and ShellIconOverlayIdentifiers, depending on how many times it was executed.

This backdoor opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user is able to execute commands on the affected system.



More...
Reply With Quote
Google The UNIX and Linux Forums
Forum Sponsor
Reply

« Bkdr_coreflood.r | Troj_vundo.cof »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode




All times are GMT -7. The time now is 10:25 AM.

The UNIX and Linux Forums RSS Feeds - Contact Us - The UNIX and Linux Forums - Archive - Top

Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited.
The UNIX and Linux Forums Content Copyright ©1993-2008. All Rights Reserved.Ad Management by RedTyger Visit The Complex Event Processing Blog

Content Relevant URLs by vBSEO 3.2.0