Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Worm_socks.d

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Worm_socks.d
# 1  
Old 03-11-2008
Worm_socks.d
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

ImageMalware Overview
This worm arrives via email messages spammed by another malware or by a malicious user. It may also be dropped by other malware.
Instead of attaching copies of itself to email messages, this worm asks users to click a link in the message. This is an effective way for it to bypass email applications that scan for malicious attachments.
When a user clicks the said link, this worm connects to certain Web sites to download a copy of itself.
This worm drops copies of itself.
It creates registry entries to enable its automatic execution at every system startup. It also modifies a registry entry to enable its automatic execution at every system startup.
This worm propagates by sending email messages containing a link, which when clicked, redirects users to a malicious Web site where a copy of this worm is downloaded.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

lwp::protocol::socks

LWP::Protocol::socks(3pm)				User Contributed Perl Documentation				 LWP::Protocol::socks(3pm)

NAME

       LWP::Protocol::socks - adds support for the socks protocol and proxy facility

SYNOPSIS

       use LWP::Protocol::socks;

DESCRIPTION

       Use this package when you wish to use a socks proxy for your connections.

       It provides some essential hooks into the LWP system to implement a socks "scheme" similar to http for describing your socks connection,
       and can be used to proxy either http or https connections.

       The use case is to use LWP::UserAgent's proxy method to register your socks proxy like so:

	$ua->proxy([qw(http https)] => 'socks://socks.yahoo.com:1080');

       Then just use your $ua object as usual!

EXAMPLES

	#!/usr/local/bin/perl
	use strict;
	use LWP::UserAgent;

	my $ua = new LWP::UserAgent(agent => 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5) Gecko/20060719 Firefox/1.5.0.5');
	# for socks5, use socks like so:
	$ua->proxy([qw(http https)] => 'socks://socks.yahoo.com:1080');
	# for socks4, use socks4 like so:
	$ua->proxy([qw(http https)] => 'socks4://socks.yahoo.com:1080');
	my $response = $ua->get("http://www.freebsd.org");
	print $response->code,' ', $response->message,"
";
	my $response = $ua->get("https://www.microsoft.com");
	print $response->code,' ', $response->message,"
";

NOTES

       I don't have much time to contribute to this.  If you'd like to contribute, please fork https://github.com/scr/cpan and send me a pull
       request.

AUTHORS

       Sheridan C Rawlins <sheridan.rawlins@yahoo.com>

       Oleg G <oleg@cpan.org>

perl v5.14.2							    2012-02-12						 LWP::Protocol::socks(3pm)