[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] Full-Disclosure] SQL injection worm ?
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: [Full-Disclosure] Full-Disclosure] SQL injection worm ?
- From: Willem Koenings <infsec@xxxxxxxxx>
- Date: Wed, 5 Jan 2005 21:57:56 +0200
Maxime Ducharme mducharme at cybergeneration.com wrote:
> 24.164.202.24 is on rr.com networks, they have also been advised.
>
> I know rbot.exe is known to be Randex worm, but i'd like that have
> some other results / analysis.
What i see is that this rBot.exe acts like regular rbot/sdbot
all the best,
W.
ps. kaspersky also agrees with me : Backdoor.Win32.Rbot.gen
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html