SecurityHome.eu IRC-Worm.Randon.I

Home / malware PDF

IRC-Worm.Randon.I

First posted on 21 November 2011.
Source: BitDefender
Aliases :
IRC-Worm.Randon.I is also known as N/A.
Explanation :
This worm spreads through IRC and is in fact a collection of backdoors, trojans, ddos programs and exploits, all packed in one executable file. The worm arrives as an exe file, through Mirc. Once this file is executed, the aforementioned registry key and files are created, and EXPL32.EXE (or LSASS.EXE for newer version) is run, thus giving the attacker complete control over the infected computer. It can download and install newer versions of itself from an internet address, files GT.EXE or GT2.EXE using its downloader component.
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20