|
 |
|
BKDR_IRCBOT.GP
|
|
|
First Report:
|
2008-03-24 03:26
|
|
Last Update:
|
2008-04-19 05:32
|
|
|
Aliases:
|
2000
BKDR_IRCBOT.GP
ME
No
NT
Server
XP
|
|
|
|
Information From AntiVirus Vendors
|
|
|
|
|
Below you will find virus information from different antivirus vendors included in this Secunia Virus Profile. Information about the virus along with links to removal tools will be listed below when available.
The information provided is sorted by the date on which the information first became publicy available on the antivirus vendors' websites. The earliest available reports are displayed first. Please note timestamps are in GMT+1.
|
|
|
#1 - TREND MICRO
|
| |
|
|
BKDR_IRCBOT.GP
|
Severity:
-
|
File Size:
-
|
| |
|
|
Reported:
2008-03-24 03:26
|
Last Update:
2008-04-19 05:32
|
| |
Description:
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2008-04-19 05:32
|
Description was changed.
New:
"N/A"
Old:
"This backdoor may be downloaded from remote
site(s) by other malware. It may be dropped
by other malware. It may be downloaded
unknowingly by a user when visiting malicious
Web site(s).
It drops a copy of itself,
terminates the initially executed copy, and
executes the dropped copy. The dropped copy
is set to Read-only, Hidden, and System
attributes to avoid easy detection.
It
creates a registry entry to enable its
automatic execution at every system startup.
This backdoor opens TCP port 9103 to
connect an Internet Relay Chat (IRC) server.
It then joins any several IRC channels.
Once connected, it listens for commands from
a remote user that it can execute locally.
This routine effectively compromises the
affected system’s security."
|
| |
|
|
2008-03-24 04:22
|
Description was changed.
New:
"This backdoor may be downloaded from remote
site(s) by other malware. It may be dropped
by other malware. It may be downloaded
unknowingly by a user when visiting malicious
Web site(s).
It drops a copy of itself,
terminates the initially executed copy, and
executes the dropped copy. The dropped copy
is set to Read-only, Hidden, and System
attributes to avoid easy detection.
It
creates a registry entry to enable its
automatic execution at every system startup.
This backdoor opens TCP port 9103 to
connect an Internet Relay Chat (IRC) server.
It then joins any several IRC channels.
Once connected, it listens for commands from
a remote user that it can execute locally.
This routine effectively compromises the
affected system’s security."
Old:
"N/A"
|
|
|
|
|
|
Please note: The information that this Secunia Virus Profile is based on comes from a third party unless stated otherwise.
The grouping process is done completely automatically, therefore minor inconsistencies may occur. For more information about Secunia Virus Information, please read: About Virus Information.
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
