W32.IRCBot.B

Name: W32.IRCBot.B
Type:
Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Risk Level 2: Low
Discovered: October 7, 2003
Update: February 13, 2007 12:08:45 PM
Length:
Info

W32.IRCBot.B is a backdoor that connects to an IRC server and waits for commands from the hacker. This Trojan is a variant of W32.IRCBot and W32.IRCBot.Gen.

Note: It has been reported that W32.IRCBot.B may arrive in an email message about a fake program update for Norton AntiVirus. The sender, updates@symantec.com, is a spoofed email address. Symantec never sends unsolicited email; the attachment should be deleted.

The Trojan may arrive in an email with the following characteristics:

From: updates@symantec.com (spoofed email address)
Subject: Last Update.
Attachment: nav32.zip
Attachment Type: Zip file
Attachment Size: 15.5 Kbytes

NOTE: When the nav32.zip file is decompressed, it becomes an executable file named nav32.exe, which is 19Kb in length.

The Trojan is packed with UPX.
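
The delivery characteristics above (spoofed sender, subject, nav32.zip containing nav32.exe, UPX packing) can be checked together at a mail gateway. The Python below is an added example, not part of the original write-up or of any Symantec tooling. The function names, the `UPX0`/`UPX1` section-name heuristic and the `FAKE_UPX` stub are assumptions, and the sample message is constructed.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Indicators copied from the write-up; everything else here is an assumption.
SENDER, SUBJECT = "updates@symantec.com", "Last Update."
ATTACHMENT, PAYLOAD = "nav32.zip", "nav32.exe"

def looks_upx_packed(head: bytes) -> bool:
    """Heuristic: MZ file whose header region carries UPX's default section names."""
    return head[:2] == b"MZ" and b"UPX0" in head and b"UPX1" in head

def match_writeup(raw: bytes) -> list:
    """Return which characteristics from the write-up a raw RFC 5322 message matches."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    if SENDER in str(msg.get("From", "")).lower():
        hits.append("from")
    if str(msg.get("Subject", "")).strip() == SUBJECT:
        hits.append("subject")
    for part in msg.iter_attachments():
        if (part.get_filename() or "").lower() != ATTACHMENT:
            continue
        hits.append("attachment")
        try:
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                for info in zf.infolist():
                    if info.filename.lower() == PAYLOAD:
                        hits.append("payload-name")
                        with zf.open(info) as fh:  # bounded read: no full extraction
                            if looks_upx_packed(fh.read(4096)):
                                hits.append("upx")
        except zipfile.BadZipFile:
            hits.append("malformed-zip")
    return hits

def build_sample(inner: bytes, sender: str = SENDER) -> bytes:
    """Constructed message for testing; `inner` is inert placeholder bytes, not malware."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(PAYLOAD, inner)
    msg = EmailMessage()
    msg["From"], msg["Subject"] = sender, SUBJECT
    msg.set_content("constructed sample body")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename=ATTACHMENT)
    return msg.as_bytes()

# Constructed stub: "MZ" magic plus UPX section-name strings, nothing executable.
FAKE_UPX = b"MZ" + b"\x00" * 254 + b"UPX0" + b"\x00" * 36 + b"UPX1" + b"\x00" * 36
```

A message that matches on sender and subject alone is weak evidence, since both are trivially varied; the attachment name, inner file name and packer check together are the stronger signal.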

Once this type of Trojan has infected a computer, it is difficult to determine what else the computer has been exposed to. In most cases, changes other than those that the Trojan made will not have occurred. However, a hacker may have been able to use the Trojan to make changes to the computer. Unless you can be absolutely sure that malicious activity has not been performed on the computer, we recommend re-installing the operating system and changing any passwords that may have been compromised.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 – 49
  • Number of Sites: 3 – 9
  • Geographical Distribution: Medium
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Medium

Distribution

  • Distribution Level: Medium
Writeup By: Neal Hindocha