Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Mal_crypt-3

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Mal_crypt-3
# 1  
Old 01-30-2008
Mal_crypt-3
This is the Trend Micro detection for suspicious files that manifest behavior and characteristics of encrypted downloader malware.For support on detected files, samples may be submitted to Trend Micro. Detailed analysis will be done on submitted samples and corresponding cleaning instructions may be applied, if necessary.
If your Trend Micro product detects a file under this detection name, do not execute the file. Delete it immediately especially if it came from an untrusted or an unknown source (e.g., a Web site of doubtful nature). However, if you have reason to believe that the detected file is non-malicious, you can submit a sample for analysis. Detailed analysis will be done on submitted samples, and corresponding removal instructions will be provided, if necessary.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT XFREE86

crypt

crypt(1)                                                                                                                                  crypt(1)

NAME

       crypt - encode or decode a file

SYNOPSIS

       crypt [password]

       The  crypt utility encrypts and decrypts the contents of a file. crypt reads from the standard input and writes on the standard output. The
       password is a key that selects a particular transformation. If no password is given, crypt demands a key from the terminal  and  turns  off
       printing while the key is being typed in. crypt encrypts and decrypts with the same key:

       example% crypt key < clear.file > encrypted.file
       example% crypt key < encrypted.file | pr

       prints the contents of clear.file.

       Files encrypted by crypt are compatible with those treated by the editors ed(1), ex(1), and vi(1) in encryption mode.

       The  security  of  encrypted  files depends on three factors:  the fundamental method must be hard to solve; direct search of the key space
       must be infeasible; "sneak paths" by which keys or cleartext can become visible must be minimized.

       crypt implements a one-rotor machine designed along the lines of the German Enigma, but with a 256-element rotor.   Methods  of  attack  on
       such machines are widely known, thus crypt provides minimal security.

       The transformation of a key into the internal settings of the machine is deliberately designed to be expensive, that is, to take a substan-
       tial fraction of a second to compute.  However, if keys are restricted to (say) three lower-case letters, then encrypted files can be  read
       by expending only a substantial fraction of five minutes of machine time.

       Since  the key is an argument to the crypt command, it is potentially visible to users executing ps(1) or a derivative command. To minimize
       this possibility, crypt takes care to destroy any record of the key immediately upon entry. No doubt the choice of keys  and  key  security
       are the most vulnerable aspect of crypt.

       /dev/tty        for typed key

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Availability                 |SUNWcsu                      |
       +-----------------------------+-----------------------------+

       des(1), ed(1), ex(1), ps(1), vi(1), attributes (5)

                                                                    8 Mar 2005                                                            crypt(1)