Thursday, June 12, 2008

[nepenthes] New binary notification

Description Risk
Autostart capabilities: This executable registers processes to be executed at system start. This could result in unwanted actions to be performed automatically. medium
Changes security settings of Internet Explorer: This system alteration could seriously affect safety surfing the World Wide Web. medium
Joins IRC Network: The executable connects to an IRC network, most probably functioning as a zombie in a botnet. high
Performs Address Scan: The executable scans a range of IP Addresses. In most cases these scans identify more potential vulnerable targets. high


The analysis of your file is finished.
You can find your report at http://analysis.seclab.tuwien.ac.at/result.php?taskid=81e476fbfdfa581435e56c5242ea22cb


No comments: