Oh, the Symantec one has no redactions and is a bit more detailed
It's Shitaraba after all
Backdoor.Rabasheeta
http://www.symantec.com/security_response/writeup.jsp?docid=2012-101004-0445-99&tabid=2
October 9, 2012
Updated: October 10, 2012 7:09:09 AM
Also Known As: Trojan.Fakemess [Symantec]
Type: Trojan
Infection Length: 49,664 bytes
Systems Affected: Windows 98, Windows 95, Windows XP, Windows Server 2008, Windows 7, Windows Me, Windows Vista, Windows NT, Windows Server 2003, Windows 2000
When the Trojan is executed, it creates the following registry entry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"iesys" = "[PATH TO TROJAN]"
The Trojan then opens a back door on the compromised computer by connecting to the following legitimate website:
http://jbbs.livedoor.jp/
It uploads files to the following URL:
[http://]sysdeck.boxhost.me/upld[REMOVED]
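
Added example, not part of the original post or of Symantec's writeup: a triage sketch that checks `reg query` output of the HKCU Run key for the "iesys" value and correlates it with proxy log lines for the two hosts named above. The proxy log layout, the client names and the sample file path are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Indicators taken from the writeup quoted above.
RUN_VALUE = "iesys"  # value name under HKCU\...\CurrentVersion\Run
# The upload path is [REMOVED] in the writeup, so match on host only.
# jbbs.livedoor.jp is a legitimate site: context, not proof of infection.
KINDS = {"sysdeck.boxhost.me": "upload", "jbbs.livedoor.jp": "bbs"}
# A value line of `reg query` output: four spaces, name, type, data.
REG_LINE = re.compile(r"^ {4}(?P<name>.+?) {4}(?P<type>REG_\w+) {4}(?P<data>.*)$")

def scan_run_key(reg_query_output):
    """Return the data (program path) of every Run value named 'iesys'."""
    matches = (REG_LINE.match(l) for l in reg_query_output.splitlines())
    return [m.group("data").strip() for m in matches
            if m and m.group("name").strip().lower() == RUN_VALUE]

def scan_proxy_log(lines):
    """Yield (client, kind); assumed layout: time client method url status."""
    for line in lines:
        fields = line.split()
        if len(fields) >= 4:
            kind = KINDS.get((urlsplit(fields[3]).hostname or "").lower())
            if kind:
                yield fields[1], kind

def triage(reg_by_client, proxy_lines):
    """Map each client to the set of indicators seen for it."""
    seen = {}
    for client, output in reg_by_client.items():
        if scan_run_key(output):
            seen.setdefault(client, set()).add("run_key")
    for client, kind in scan_proxy_log(proxy_lines):
        seen.setdefault(client, set()).add(kind)
    return seen

# Constructed sample data (not from the writeup).
RUN = "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\n"
SAMPLE_REG = {
    "ws-01": RUN + "    iesys    REG_SZ    C:\\Users\\a\\AppData\\Roaming\\sample.exe\n",
    "ws-02": RUN + "    OneDrive    REG_SZ    C:\\Program Files\\OneDrive\\OneDrive.exe /background\n",
}
SAMPLE_PROXY = [
    "2012-10-10T07:00:01 ws-01 POST http://sysdeck.boxhost.me/upld 200",
    "2012-10-10T07:00:05 ws-01 GET http://jbbs.livedoor.jp/ 200",
    "2012-10-10T07:01:00 ws-02 GET http://jbbs.livedoor.jp/ 200",
]
print(triage(SAMPLE_REG, SAMPLE_PROXY))
```

A client that shows only "bbs" has merely visited the legitimate board; the Run value or traffic to the upload host is what warrants a closer look.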