Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Troj_bagle.mv

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Troj_bagle.mv
# 1  
Old 03-17-2008
Troj_bagle.mv
This Trojan may be dropped by other malware.It may be installed manually by a user.It may be downloaded unknowingly by a user when visiting malicious Web sites.
It creates folders.It drops copies of itself.
It creates registry entries to enable its automatic execution at every system startup.It registers itself as a system service to ensure its automatic execution at every system startup. It does this by creating registry keys.
It accesses Web sites to download files. As a result, malicious routines of the downloaded files may be exhibited on the affected system.
However, as of this writing, the said sites are unavailable.
It also restarts the affected system.
Once this Trojan is executed, it asks for a file to be cracked. Upon selecting a file, it displays an error message saying "Incorrect file version".
It then saves the downloaded files in the %Application Data%\m subfolder.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT MOJAVE

new

NEW(1)                                                               [nmh-1.5]                                                              NEW(1)

NAME

       new - report on folders with new messages

       fnext - set current folder to next folder with new messages

       fprev - set current folder to previous folder with new messages

       unseen - scan new messages in all folders with new messages

SYNOPSIS

       new [sequences] [-mode mode] [-folders foldersfile] [-version] [-help]

       fnext is equivalent to new -mode fnext

       fprev is equivalent to new -mode fprev

       unseen is equivalent to new -mode unseen

DESCRIPTION

       New  in  its  default  mode  produces  a  one-line-per-folder  listing of all folders containing messages in the listed sequences or in the
       sequences listed in the profile entry "Unseen-Sequence".  Each line contains the folder, the number of messages in the  desired  sequences,
       and the message lists from the .mh_sequences file.  For example:

            foo     11.* 40-50
            bar    380.  760-772 824-828
             total    391.

       The `*' on foo indicates that it is the current folder.  The last line shows the total number of messages in the desired sequences.

       New crawls the folder hierarchy recursively to find all folders, and prints them in lexicographic order.  Override this behavior by provid-
       ing foldersfile containing the pre-sorted list of folders new should check, one per line.

       In fnext and fprev modes, new instead changes to the next or previous matching folder, respectively.

       In unseen mode, new executes scan sequences for each matching folder.

FILES

       $HOME/.mh_profile          The user profile

PROFILE COMPONENTS

       Path:                To determine the user's nmh directory
       Current-Folder:      To find the default current folder
       Unseen-Sequence:     The name of the unseen message sequence

SEE ALSO

       scan(1), mh-format(5)

HISTORY

       Based on Luke Mewburn's new (http://www.mewburn.net/luke/src/new).

MH.6.8                                                             11 June 2012                                                             NEW(1)