Security Bulletins
Latest Malware Updates
Downloader.Busadom!g102/27/2015Infostealer.Posteal02/26/2015Downloader.Busadom02/26/2015Trojan.Ladocosm02/26/2015SONAR.SuspDocRun02/25/2015SONAR.SuspHelpRun02/25/2015W32.Tempedreve.D!inf02/25/2015SONAR.PUA!AlnadInsta02/25/2015SONAR.Infostealer!g502/25/2015SONAR.Infostealer!g402/25/2015 |
10/27/2014
Trojan.AlnaddyType: TrojanDiscovered: 27.10.2014 Updated: 27.10.2014 Affected systems: Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP AV Vendor: Symantec Description: Trojan.Alnaddy is a Trojan horse that may download threats onto the compromised computer.The Trojan may be downloaded and executed manually. Once executed, the Trojan creates the following files:
It then creates the following registry entries:
Next, the Trojan creates a service with the following properties:
It then creates the following registry subkeys to register itself as a service:
Once executed, the Trojan starts an installation wizard which may ask user to install a toolbar. The Trojan may also install additional software on the compromised computer. The Trojan may also connect to the following remote location:
The Trojan then downloads a configuration file to tell it where to download further potentially malicious files. |
Security Advisories Database
Remote Code Execution Vulnerability in Microsoft OpenType Font DriverA remote attacker can execute arbitrary code on the target system. 07/21/2015Multiple Vulnerabilities in Linux kernel03/04/2015SQL Injection Vulnerability in PiwigoSQL inection vulnerability has been discovered in Piwigo. 02/05/2015Cross-site Scripting Vulnerability in DotNetNukeA cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke. 02/05/2015Cross-site Scripting Vulnerability in Hitachi Command SuiteA cross-site scripting vulnerability was found in Hitachi Command Suite. 02/02/2015Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk HandlingAn attacker can perform a denial of service attack. 01/30/2015Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-ForwardsAn attacker can perform a denial of service attack. 01/30/2015Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"An attacker can perform a denial of service attack. 01/30/2015Denial of service vulnerability in Linux Kernel spliceAn attacker can perform a denial of service attack. 01/29/2015Denial of service vulnerability in Python Pillow Module PNG Text Chunks DecompressionAn attacker can perform a denial of service attack. 01/20/2015 |