Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Pe_proyo.a-o

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Pe_proyo.a-o
# 1  
Old 01-03-2008
Pe_proyo.a-o
This file infector may be dropped or downloaded from remote sites by other malware.
This file infector drops a copy of itself. This file infector creates a registry entry to enable its automatic execution at every system startup.
It then checks all subkeys listed under a registry key and creates a specific entry for every found subkey. This is done to ensure that the execution of the file infector everytime a debugging event is triggered for each listed subkey.
This file infector infects by prepending its code to target host files. It does not infect files with file size less than 1 KB. It also avoids certain folders. Trend Micro detects infected files as PE_PROYO.A.
This file infector drops hidden copies of itself in all physical and removable drives. It drops an AUTORUN.INF file to automatically execute dropped copies when the drives are accessed.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT SUNOS

soladdapp

soladdapp(1M)						  System Administration Commands					     soladdapp(1M)

NAME

       soladdapp - add an application to the Solstice application registry

SYNOPSIS

       /usr/snadm/bin/soladdapp [-r registry] -n name -i icon -e executable [args]

DESCRIPTION

       soladdapp  adds	an  application  to  the  Solstice  application  registry. After it is added, the application is displayed in the Solstice
       Launcher main window (see solstice(1M)).

OPTIONS

       -r registry     Define the full path name of the Solstice registry file.

       -n name	       Define the name of the tool to be registered.

       -i icon	       Define the full path name of the tool icon.

       -e executable   Define the full path name of the tool.

       args	       Specify any arguments to use with the tool.

       When executed without options,  soladdapp uses  /opt/SUNWadm/etc/.solstice_registry (the default registry path).

RETURN VALUES

       0	on success

       1	on failure

       2	if the registry is locked

       3	if the entry is a duplicate.

EXAMPLES

       Example 1: A sample display of the soladdapp command.

       The following adds an application called Disk Manager to the Solstice application registry for display in the Solstice Launcher	main  win-
       dow.

       # soladdapp -r /opt/SUNWadm/etc/.solstice_registry -n "Disk Manager"
       -i /opt/SUNWdsk/etc/diskmgr.xpm -e /opt/SUNWdsk/bin/diskmgr

FILES

       /opt/SUNWadm/etc/.solstice_registry     The default registry path.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWsadml 		   |
       +-----------------------------+-----------------------------+

SEE ALSO

       soldelapp(1M), solstice(1M), attributes(5)

NOTES

       Globally registered applications are used by local and remote users sharing the software in a particular  /opt directory. They can be added
       only using soladdapp.

SunOS 5.10							    15 Sep 1995 						     soladdapp(1M)