Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Pe_sality.m

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Pe_sality.m
# 1  
Old 04-25-2008
Pe_sality.m
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

ImageMalware Overview
This file infector may be downloaded from remote sites by other malware.It may be dropped by other malware.It may be downloaded unknowingly by a user when visiting malicious Web sites.
It infects by appending its code to target host files.It infects specific files.It avoids folders with certain strings.
It drops a file, which is detected by Trend Micro as TROJ_AGENT.XOO.It then executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system.
It terminates certain services if found on the system. It also deletes certain registry keys, most of which are related to antivirus and security applications. The said routine makes it difficult to remove this malware from the affected system.
It creates mutex(es) to ensure that only one instance of itself is running in memory.
It downloads files, which are detected by Trend Micro as TSPY_AGENT.AMEZ, from certain URLs. The downloaded files are executed on the affected machine, thus, routines of the downloaded files are also exhibited on the affected system.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT CENTOS

perl::critic::policyparameter::behavior

Perl::Critic::PolicyParameter::Behavior(3)		User Contributed Perl Documentation		Perl::Critic::PolicyParameter::Behavior(3)

NAME

       Perl::Critic::PolicyParameter::Behavior - Default type-specific actions for a parameter.

DESCRIPTION

       Provides a standard set of functionality for a Perl::Critic::PolicyParameter so that the developer of a policy does not have to provide it
       her/himself.  The developer can override most of the functionality in the subclasses; these are just defaults.

       All subclasses have singleton instances held onto by Perl::Critic::PolicyParameter.

INTERFACE SUPPORT

       This is considered to be a non-public class.  Its interface is subject to change without notice.

METHODS

       "initialize_parameter( $parameter, $specification )"
	   Plug in the functionality this behavior provides into the parameter, based upon the configuration provided by the specification.  The
	   configuration items looked for depends upon the specific behavior subclass.

       "generate_parameter_description( $parameter )"
	   Create a description of the parameter, based upon the description on the parameter itself, but enhancing it with information from this
	   behavior.

	   Note that this may return "undef" if the parameter itself doesn't have a description.  Also, the returned value may include multiple
	   lines.

AUTHOR

       Elliot Shank <perl@galumph.com>

COPYRIGHT

       Copyright (c) 2006-2011 Elliot Shank.

       This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.  The full text of this license
       can be found in the LICENSE file included with this module.

perl v5.16.3							    2014-06-09				Perl::Critic::PolicyParameter::Behavior(3)