Troj_agent.amal


 
04-15-2008

This Trojan may be dropped by other malware.
It may be downloaded unknowingly by a user visiting malicious websites.
It creates a registry entry to enable its automatic execution at every system startup.
It also registers itself as a Browser Helper Object (BHO) by creating one or more registry keys or entries, which ensures its automatic execution every time Internet Explorer is run.
It creates several registry keys or entries as part of its installation routine.

It drops one or more component files that are also detected by Trend Micro as TROJ_AGENT.AMAL.
It opens a hidden Internet Explorer window that attempts to connect to a possibly malicious URL.
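
The advisory does not name the registry locations involved. As an added example (not part of the original advisory), the script below triages a registry export for the two persistence mechanisms described above, assuming the standard Windows Run key and Browser Helper Objects key and resolving each BHO CLSID to its registered DLL. The sample export, value name, CLSID and paths are constructed.

```python
import re

# Standard Windows autostart locations; the advisory does not name the exact
# keys, so checking these is an assumption.
RUN_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
BHO_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion"
           r"\Explorer\Browser Helper Objects")
CLSID_KEY = r"HKEY_CLASSES_ROOT\CLSID"

# Constructed sample export: value name, CLSID and paths are made up.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ExampleUpdater"="C:\\Users\\Public\\example.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-1111-2222-3333-444444444444}]

[HKEY_CLASSES_ROOT\CLSID\{00000000-1111-2222-3333-444444444444}\InprocServer32]
@="C:\\Windows\\Temp\\example.dll"
'''

VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')

def parse_reg(text):
    """Return {lowercased key path: {value name: string data}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and (m := VALUE_RE.match(line)):
            name = "" if m.group(1) == "@" else m.group(1)[1:-1]
            current[name] = re.sub(r"\\(.)", r"\1", m.group(2))  # unescape
    return keys

def autostart_report(text):
    """List Run-key commands and the DLL behind every registered BHO."""
    keys = parse_reg(text)
    prefix = BHO_KEY.lower() + "\\"
    bhos = {}
    for path in keys:
        if path.startswith(prefix):
            clsid = path[len(prefix):]
            server = keys.get(f"{CLSID_KEY.lower()}\\{clsid}\\inprocserver32", {})
            bhos[clsid.upper()] = server.get("")  # None: no DLL in the export
    return {"run": dict(keys.get(RUN_KEY.lower(), {})), "bho": bhos}

if __name__ == "__main__":
    print(autostart_report(SAMPLE_REG))
```

Files exported by regedit are UTF-16, so read them with `encoding="utf-16"` before passing the text to `autostart_report`.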

soldelapp(1M)                System Administration Commands                soldelapp(1M)

NAME
     soldelapp - remove an application from the Solstice application registry

SYNOPSIS
     /usr/snadm/bin/soldelapp [-r registry] -n name

DESCRIPTION
     soldelapp removes an application from the Solstice application registry. After removal, the application is no longer displayed in the Solstice Launcher main window (see solstice(1M)).

OPTIONS
     -r registry    Define the full path name of the Solstice registry file.
     -n name        Define the name of the tool to be removed.

     When executed without options, soldelapp uses /opt/SUNWadm/etc/.solstice_registry (the default registry path).

RETURN VALUES
     0    on success
     1    on failure
     2    if the registry is locked
     3    if name is not found in the registry
     4    if the named registry or default registry is not found

EXAMPLES
     Example 1: A sample display of the soldelapp command.

     The following removes an application called Disk Manager from the Solstice application registry and the Solstice Launcher main window.

          # soldelapp -r /opt/SUNWadm/etc/.solstice_registry -n "Disk Manager"

FILES
     /opt/SUNWadm/etc/.solstice_registry    The default registry file.

ATTRIBUTES
     See attributes(5) for descriptions of the following attributes:

     +-----------------------------+-----------------------------+
     | ATTRIBUTE TYPE              | ATTRIBUTE VALUE             |
     +-----------------------------+-----------------------------+
     | Availability                | SUNWsadml                   |
     +-----------------------------+-----------------------------+

SEE ALSO
     soladdapp(1M), solstice(1M), attributes(5)

NOTES
     Globally registered applications are used by local and remote users sharing the software in a particular /opt directory. They can be removed only using soldelapp.

SunOS 5.10                          15 Sep 1995                          soldelapp(1M)