Worm_onlineg.tty


 
07-24-2008

This worm may either be dropped or downloaded from remote sites by other malware.


Upon execution, it drops a copy of itself, a DLL component, and a non-malicious file on the system. It also creates a new folder. It modifies the system registry so that it executes automatically at every system startup. Also through registry modification, it hides files that have both the System and Read-only attributes.

This worm propagates via physical and removable drives. It drops an AUTORUN.INF file to automatically execute dropped copies when the drives are accessed.


As part of its routine, this worm drops CRYP_XED-6 and TSPY_ONLINEG.BWN as its components. As a result, malicious routines of the dropped files are exhibited on the affected system.
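The AUTORUN.INF propagation described above can be triaged on a suspect drive by listing the launch directives in the file's [autorun] section. The following is an added example, not part of the original advisory; the sample file contents, the file name dropped_copy.exe and the extension list are constructed assumptions, not indicators from this worm.

```python
import re

# Keys in the [autorun] section that make Windows launch a program.
EXEC_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\=]+\\command)$", re.I)
# Extensions treated as executable for triage (assumed list, extend as needed).
EXEC_EXT = re.compile(r"\.(exe|com|scr|pif|bat|cmd|vbs|js|dll)\b", re.I)

def autorun_findings(text):
    """Return (key, command) pairs from the [autorun] section that launch a program."""
    findings, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        # Skip comments, other sections and the junk padding often seen in these files.
        if not in_autorun or line.startswith(";") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if EXEC_KEY.match(key) and value:
            findings.append((key.lower(), value))
    return findings

def is_suspicious(text):
    """True when any launch directive points at a file with an executable extension."""
    return any(EXEC_EXT.search(cmd) for _, cmd in autorun_findings(text))

# Constructed sample: launch directives hidden among padding lines.
SAMPLE_BAD = """;xkq3 padding
[AutoRun]
open=dropped_copy.exe
;junk
shell\\open\\Command=dropped_copy.exe
shell\\explore\\command = dropped_copy.exe
"""
# Constructed sample: a benign file that only sets an icon and a label.
SAMPLE_OK = "[autorun]\nicon=setup.ico\nlabel=Backup Disk\n"

if __name__ == "__main__":
    for name, sample in (("bad", SAMPLE_BAD), ("ok", SAMPLE_OK)):
        print(name, is_suspicious(sample), autorun_findings(sample))
```

A file flagged this way on a removable or fixed drive root is a lead to inspect the referenced executable, since legitimate media rarely need launch directives there.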
