The UNIX and Linux Forums  

Go Back   The UNIX and Linux Forums > Special Forums > Security > Malware Advisories (RSS)
Google UNIX.COM


Malware Advisories (RSS) Malware Security Advisories Via RSS

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Troj_mutant.ew iBot Malware Advisories (RSS) 0 07-25-2008 01:20 PM
Troj_mutant.al iBot Malware Advisories (RSS) 0 05-14-2008 12:30 PM

Reply
 
Submit Tools LinkBack Thread Tools Search this Thread Display Modes
  #1  
Old 07-31-2008
iBot's Avatar
RSS Robot Girl
 

Join Date: Sep 2000
Posts: 14,296
Troj_mutant.hp

This Trojan may arrive bundled with malware packages as a malware component. It may also arrive as a .DLL file that exports functions used by other malware.

It is usually dropped in Windows system folder and executes every time the system is started via a created autostart registry entry.

This .DLL file is injected into the WINLOGON.EXE process running in memory. It has the capability to connect to a certain URL using the HTTP (TCP port 80) protocol to possibly download other files. It also has the capability to drop a temp file, which is detected by Trend Micro as TROJ_PANDEX.EO.

However, this Trojan requires other components in order to run properly.



More...
Reply With Quote
Google The UNIX and Linux Forums
Forum Sponsor
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes




All times are GMT -7. The time now is 12:10 AM.


Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited.
The UNIX and Linux Forums Content Copyright ©1993-2008. All Rights Reserved.Ad Management by RedTyger Visit The Complex Event Processing Blog

Content Relevant URLs by vBSEO 3.2.0