RBot.svchost323
Category: Trojan
Risk:
Severe Risk
* Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine.
Description: RBot is a Trojan worm that spreads through network shares and provides various backdoor capabilities to the attacker. Connects to IRC server @ 69.31.78.210:4254. svchost323.exe Packed PE_Patch svchost323.exe Packed MewBundle svchost323.exe Packed MEW piracy[1].exe Packed UPX
Alias: None
Signatures:
process: svchost323.exe: MD5 Hash: c65c9c4bb67234e5b02
process: piracy[1].exe: MD5 Hash: dd1fa37623c36bd5ab0..
Copyright @2006 THR Computer Solutions: RBot.svchost323