[Intrusions] Need help to identify a trojan

techno.kid at gmx.de techno.kid at gmx.de
Sat Jul 10 17:59:22 GMT 2004


> Date: Fri, 9 Jul 2004 09:34:50 -0400
> From: "Maxime Ducharme" <mducharme at cybergeneration.com>
> Subject: [Intrusions] Need help to identify a trojan

> Hi to the list,
>     one of our customer's servers have been compromised and I'd
> need help to identify trojan used.

I did a short lookup at www.virustotal.com and "they" know it:

Virus Total
_______________________________________________

Scan results
 File: lsassvc.exe
 Date: 07/10/2004 19:42:07
----
BitDefender	7.0/20040710	found nothing
ClamWin	devel-20040517/20040708	found nothing
eTrustAV-Inoc	4641/20040708	found nothing
F-Prot	3.15/20040708	found nothing
Kaspersky	3.0/20040710	found [Backdoor.Delf.oy]
McAfee	4375/20040709	found nothing
NOD32v2	1.807/20040710	found nothing
Norman	5.70.10/20040709	found nothing
Panda	7.02.00/20040710	found nothing
Sybari	7.5.1314/20040710	found [Backdoor.Delf.oy]
Symantec	8.0/20040709	found nothing
TrendMicro	7.000/20040709	found nothing

Now that you know what the trojan is called, you should figure out how it 
was possible that it got onto the IIS...

techno.kid


