Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Pe_sality.m

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Pe_sality.m
# 1  
Old 04-25-2008
Pe_sality.m
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

ImageMalware Overview
This file infector may be downloaded from remote sites by other malware.It may be dropped by other malware.It may be downloaded unknowingly by a user when visiting malicious Web sites.
It infects by appending its code to target host files.It infects specific files.It avoids folders with certain strings.
It drops a file, which is detected by Trend Micro as TROJ_AGENT.XOO.It then executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system.
It terminates certain services if found on the system. It also deletes certain registry keys, most of which are related to antivirus and security applications. The said routine makes it difficult to remove this malware from the affected system.
It creates mutex(es) to ensure that only one instance of itself is running in memory.
It downloads files, which are detected by Trend Micro as TSPY_AGENT.AMEZ, from certain URLs. The downloaded files are executed on the affected machine, thus, routines of the downloaded files are also exhibited on the affected system.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

sql::translator::producer::diagram

SQL::Translator::Producer::Diagram(3pm) 		User Contributed Perl Documentation		   SQL::Translator::Producer::Diagram(3pm)

NAME

       SQL::Translator::Producer::Diagram - ER diagram producer for SQL::Translator

SYNOPSIS

       Use via SQL::Translator:

	 use SQL::Translator;

	 my $t = SQL::Translator->new(
	     from	   => 'MySQL',
	     to 	   => 'Diagram',
	     producer_args => {
		 # All args are optional
		 out_file	  => 'schema.png',# if not provided will return from translate()
		 output_type	  => 'png',	  # is default or 'jpeg'
		 title		  => 'My Schema', # default is filename
		 font_size	  => 'medium',	  # is default or 'small,' 'large'
		 imap_file	  => '',	  # filename to write image map coords
		 imap_url	  => '',	  # base URL for image map
		 gutter 	  => 30 	  # is default, px distance b/w cols
		 num_columns	  => 5, 	  # the number of columns
		 no_lines	  => 1, 	  # do not draw lines to show FKs
		 add_color	  => 1, 	  # give it some color
		 show_fk_only	  => 1, 	  # show only fields used in FKs
		 join_pk_only	  => 1, 	  # use only primary keys to figure PKs
		 natural_join	  => 1, 	  # intuit FKs if not defined
		 skip_fields	  => [...],	  # list* of field names to exclude
		 skip_tables	  => [...],	  # list* of table names to exclude
		 skip_tables_like => [...],	  # list* of regexen to exclude tables
	     }
	 ) or die SQL::Translator->error;
	 $t->translate;

       * "list" can be either an array-ref or a comma-separated string

AUTHOR

       Ken Youens-Clark <kclark@cpan.org>.

perl v5.14.2							    2012-01-18				   SQL::Translator::Producer::Diagram(3pm)