TROJ_NUWAR.AT |
|
| BugsAlert Home > TROJ_NUWAR.AT | |
|
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
Malware Overview This Trojan may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites. It drops copies of itself. It registers itself as a system service to ensure its automatic execution at every system startup. It does this by creating registry keys/entries. It gives a malicious user administrative rights to load executable codes into kernel mode where device drivers are run. This routine also allows a malicious user to install malicious codes into a system without being subjected to normal Windows security restrictions. Hence, malicious files can be downloaded regardless of the security settings. It then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. Original Source: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_NUWAR.AT Learn more about TROJ_NUWAR.AT |
|
| Tags: troj nuwar.at | |
Related Items |
|
|
Vuln: International Components for Unicode Library (libicu) Multiple Memory Corruption Vulnerabilities
|
|
|
Which payware anti-virus app do you use and why?
|
|
|
FrSIRT - Gentoo Security Update Fixes MySQL Security Bypass Vulnerability
|
|
|
FrSIRT - Adobe Flash CS3 SWF File Handling Code Execution Vulnerabilities
|
|
|
Jokes Website "jokeid" SQL Injection Vulnerability
|
|
|
Debian update for xwine
|
|
|
FrSIRT - PHP Multiple Buffer Overflow and Restriction Bypass Vulnerabilities
|
|
