Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Bkdr_asprox.b

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Bkdr_asprox.b
# 1  
Old 01-13-2008
Bkdr_asprox.b
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

Image Malware Overview
This backdoor is dropped by other malware. It can also be downloaded unknowingly by a user when visiting malicious Web sites.
Upon execution, this backdoor drops several files, some of which are detected as BKDR_ASPROX.B.
It opens port 80 and acts as an HTTP proxy. It then connects to certain sites, and retrieves the connection time for each.
It then deletes itself after execution.
It uploads specific information to the above-mentioned Web sites, using an HTTP POST command. This backdoor also allows a remote malicious user to perform commands on the affected system.
It also retrieves commands and updates from the said sites, by parsing the HTTP page being returned by the server during upload of stolen information. The returned HTTP page is obfuscated. It searches the registry for FTP hosts, user accounts, and passwords.
It gathers e-mail addresses on affected the system, however those addresses should satisfy certain conditions.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

perl::critic::policyparameter::behavior

Perl::Critic::PolicyParameter::Behavior(3pm)		User Contributed Perl Documentation	      Perl::Critic::PolicyParameter::Behavior(3pm)

NAME

       Perl::Critic::PolicyParameter::Behavior - Default type-specific actions for a parameter.

DESCRIPTION

       Provides a standard set of functionality for a Perl::Critic::PolicyParameter so that the developer of a policy does not have to provide it
       her/himself.  The developer can override most of the functionality in the subclasses; these are just defaults.

       All subclasses have singleton instances held onto by Perl::Critic::PolicyParameter.

INTERFACE SUPPORT

       This is considered to be a non-public class.  Its interface is subject to change without notice.

METHODS

       "initialize_parameter( $parameter, $specification )"
	   Plug in the functionality this behavior provides into the parameter, based upon the configuration provided by the specification.  The
	   configuration items looked for depends upon the specific behavior subclass.

       "generate_parameter_description( $parameter )"
	   Create a description of the parameter, based upon the description on the parameter itself, but enhancing it with information from this
	   behavior.

	   Note that this may return "undef" if the parameter itself doesn't have a description.  Also, the returned value may include multiple
	   lines.

AUTHOR

       Elliot Shank <perl@galumph.com>

COPYRIGHT

       Copyright (c) 2006-2011 Elliot Shank.

       This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.  The full text of this license
       can be found in the LICENSE file included with this module.

perl v5.14.2							    2012-06-07			      Perl::Critic::PolicyParameter::Behavior(3pm)