Bugsalert.com
Security News about Viruses, Spyware,
Trojans, Malware, XSS attacks.

BKDR_DELF.EBP


This backdoor may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.

It drops files/components.

It registers itself as a system service to ensure its automatic execution at every system startup. It does this by creating registry keys/entries.

It allows a remote user to obtain files from an affected system. It executes commands from a remote malicious user, effectively compromising the affected system.

It opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected system.

It then executes the legitimate Windows process SVCHOST.EXE and injects the dropped .DLL component into that process. It deletes itself after injecting the component.
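The launch, injection and self-deletion sequence described above leaves a correlatable trail in endpoint telemetry. The sketch below is an added example, not part of the original advisory: the event field names, file paths and sample events are constructed for illustration, and it assumes that a normally started svchost.exe has services.exe as its parent.

```python
# Constructed sample events (not from the advisory). Field names are hypothetical,
# loosely modelled on process-creation, image-load and file-deletion telemetry.
SAMPLE_EVENTS = [
    {"type": "proc_create", "pid": 612, "image": r"C:\Windows\System32\svchost.exe",
     "parent_pid": 580, "parent_image": r"C:\Windows\System32\services.exe"},
    {"type": "proc_create", "pid": 3120, "image": r"C:\Windows\System32\svchost.exe",
     "parent_pid": 2944, "parent_image": r"C:\Users\user\AppData\Local\Temp\sample.exe"},
    {"type": "image_load", "pid": 3120, "loaded": r"C:\Windows\System32\sample.dll",
     "signed": False},
    {"type": "file_delete", "path": r"C:\Users\user\AppData\Local\Temp\sample.exe"},
]

# Assumption: a normally started svchost.exe is a child of services.exe.
EXPECTED_PARENT = r"c:\windows\system32\services.exe"


def find_suspicious_svchost(events):
    """Return one finding per svchost.exe started by an unexpected parent,
    annotated with unsigned DLL loads and whether the launcher was later deleted."""
    findings = {}
    for ev in events:
        kind = ev["type"]
        if kind == "proc_create" and ev["image"].lower().endswith(r"\svchost.exe"):
            if ev["parent_image"].lower() != EXPECTED_PARENT:
                findings[ev["pid"]] = {
                    "pid": ev["pid"],
                    "launcher": ev["parent_image"],
                    "unsigned_dlls": [],
                    "launcher_deleted": False,
                }
        elif kind == "image_load" and ev["pid"] in findings and not ev["signed"]:
            # Unsigned module loaded into the flagged svchost.exe instance
            findings[ev["pid"]]["unsigned_dlls"].append(ev["loaded"])
        elif kind == "file_delete":
            # Self-deletion: the launcher's own image disappears from disk
            for finding in findings.values():
                if finding["launcher"].lower() == ev["path"].lower():
                    finding["launcher_deleted"] = True
    return list(findings.values())


if __name__ == "__main__":
    for finding in find_suspicious_svchost(SAMPLE_EVENTS):
        print(finding)
```

A finding that combines all three signals (unexpected parent, unsigned module, deleted launcher) is a stronger lead than any one alone; the sketch does not handle PID reuse across a long event window.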




Original Source: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=BKDR_DELF.EBP
