Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Bkdr_asprox.b

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Bkdr_asprox.b
# 1  
Old 01-13-2008
Bkdr_asprox.b
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

Image Malware Overview
This backdoor is dropped by other malware. It can also be downloaded unknowingly by a user when visiting malicious Web sites.
Upon execution, this backdoor drops several files, some of which are detected as BKDR_ASPROX.B.
It opens port 80 and acts as an HTTP proxy. It then connects to certain sites, and retrieves the connection time for each.
It then deletes itself after execution.
It uploads specific information to the above-mentioned Web sites, using an HTTP POST command. This backdoor also allows a remote malicious user to perform commands on the affected system.
It also retrieves commands and updates from the said sites, by parsing the HTTP page being returned by the server during upload of stolen information. The returned HTTP page is obfuscated. It searches the registry for FTP hosts, user accounts, and passwords.
It gathers e-mail addresses on affected the system, however those addresses should satisfy certain conditions.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT CENTOS

perl::critic::policyparameter::behavior::integer

Perl::Critic::PolicyParameter::Behavior::Integer(3)	User Contributed Perl Documentation    Perl::Critic::PolicyParameter::Behavior::Integer(3)

NAME

       Perl::Critic::PolicyParameter::Behavior::Integer - Actions appropriate for an integer parameter.

DESCRIPTION

       Provides a standard set of functionality for an integer Perl::Critic::PolicyParameter so that the developer of a policy does not have to
       provide it her/himself.

       The parser provided by this behavior allows underscores ("_") in input values as in a Perl numeric literal.

       NOTE: Do not instantiate this class.  Use the singleton instance held onto by Perl::Critic::PolicyParameter.

INTERFACE SUPPORT

       This is considered to be a non-public class.  Its interface is subject to change without notice.

METHODS

       "initialize_parameter( $parameter, $specification )"
	   Plug in the functionality this behavior provides into the parameter, based upon the configuration provided by the specification.

	   This behavior looks for two configuration items:

	   integer_minimum
	       Optional.  The minimum acceptable value.  Inclusive.

	   integer_maximum
	       Optional.  The maximum acceptable value.  Inclusive.

       "generate_parameter_description( $parameter )"
	   Create a description of the parameter, based upon the description on the parameter itself, but enhancing it with information from this
	   behavior.

	   In this case, this means including the minimum and maximum values.

AUTHOR

       Elliot Shank <perl@galumph.com>

COPYRIGHT

       Copyright (c) 2007-2011 Elliot Shank.

       This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.  The full text of this license
       can be found in the LICENSE file included with this module.

perl v5.16.3							    2014-06-09		       Perl::Critic::PolicyParameter::Behavior::Integer(3)