Troj_ppdrop.k


 
Old 12-29-2007

This Trojan arrives on a system as a .PPS/.PPT file that is dropped by other malware. It can also be downloaded unknowingly by a user when visiting malicious Web sites.
Upon execution, it drops several files, some of which are detected as BKDR_AGENT.ADGS.
A dropped .TMP file is then injected into a running process to remain memory resident. As a result, routines of the dropped file are also exhibited on the affected system. To automate execution of the dropped malicious file, it also adds a registry entry.
It takes advantage of the following software vulnerability to drop and execute the said component file:
  • Microsoft Security Bulletin MS06-012
The said vulnerability in Microsoft Office may allow a remote user to use a malformed routing slip to execute malicious code on the affected system.

