Troj_agent.nmb

Tags

agent, malware, nm

Special Forums Cybersecurity Malware Advisories (RSS) Troj_agent.nmb

04-09-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

Troj_agent.nmb

This Trojan may be downloaded from remote sites by the following malware, specifically TROJ_AGENT.LJY. It may also be downloaded from a certain remote site.
Upon execution, this Trojan drops a component file, which Trend Micro detects as TROJ_ROOTKIT.EZ.
This Trojan drops a batch file to delete itself after execution. The said batch file also deletes itself after deleting the malware file.
However, due to some errors in its code, this Trojan could not perform its malicious routine properly.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

Previous Thread | Next Thread

1 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Smb & nmb not starting at boot - CentOS7

I would like the smb and nmb to start on boot. In the terminal (as root) I did: /sbin/chkconfig smb --addor chkconfig --add sambaor chkconfig --add /sbin/smbdresault is message like below : error reading information on service smb: No such file or directory Please use CODE tags as...

LEARN ABOUT LINUX

ssh-copy-id

SSH-COPY-ID(1)						      General Commands Manual						    SSH-COPY-ID(1)

NAME

       ssh-copy-id - install your public key in a remote machine's authorized_keys

SYNOPSIS

       ssh-copy-id [-i [identity_file]] [user@]machine

DESCRIPTION

       ssh-copy-id  is	a script that uses ssh to log into a remote machine and append the indicated identity file to that machine's ~/.ssh/autho-
       rized_keys file.

       If the -i option is given then the identity file (defaults to ~/.ssh/id_rsa.pub) is used, regardless of whether there are any keys in  your
       ssh-agent.  Otherwise, if this:

	     ssh-add -L

       provides any output, it uses that in preference to the identity file.

       If  the -i option is used, or the ssh-add produced no output, then it uses the contents of the identity file.  Once it has one or more fin-
       gerprints (by whatever means) it uses ssh to append them to ~/.ssh/authorized_keys on the remote machine (creating the file, and directory,
       if necessary.)

NOTES

       This program does not modify the permissions of any pre-existing files or directories. Therefore, if the remote sshd has StrictModes set in
       its configuration, then the user's home, ~/.ssh folder, and ~/.ssh/authorized_keys file may need to have group writability  disabled  manu-
       ally, e.g. via

	     chmod go-w ~ ~/.ssh ~/.ssh/authorized_keys

       on the remote machine.

SEE ALSO

       ssh(1), ssh-agent(1), sshd(8)

OpenSSH 							 14 November 1999						    SSH-COPY-ID(1)

Malware Advisories (RSS)