|
|
 |
| RBOT-GCJ Information |
|
|
| Threat Name: RBOT-GCJ |
|
|
| 32/Rbot-GCJ is a worm with IRC backdoor functionality for the Windows platform. It spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), SRVSVC (MS06-040), RPC-DCOM (MS04-012) and ASN.1 (MS04-007).
It runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels. |
More Information |
|
|
|
|
|
| |
|
|
|
| |
Scan for this threat |
|
|
|
|
|
|
BACKDOOR
a means of access to a computer program that bypasses security mechanisms. A programmer may sometimes install a back door so that the program can be accessed for troubleshooting or other purposes, but an attacker may exploit or use a back door to get unauthorized access to information or install spyware.
|
|
|
|
1 Identified Patterns
| EXE Files |
DLL Files |
Other Files |
|
|
|
|
|
|
|
|
|
|
