病毒名称:
Trojan.MoFei.c.dll
类别: 木马病毒
病毒资料:
破坏方法:
这是一个动态连接库
病毒使用这个插入文件到进程ieXPlorer.exe和LSASS.EXE中,
病毒采用upx压缩,irc木马
病毒执行后在后台运行,同时试图登陆服务器:
Google.ods.org 1080
google.ods.org 8080
rsthost2.ods.org 8080
病毒能进行ip扫描,记录键盘,终止进程,文件操作等
该病毒能进行简单密码探测,密码字典如下:
"12","123","1234","12345","123456","1234567",
"12345678" "654321","54321","fan@ing*","1",
"111","111111","11111111" "000000","00000000",
"888888","88888888","pass","passwd","passWord"
"admin","root","secret","Oracle","super",
"security","stgzs"
病毒的清除法:
使用光华反病毒软件,彻底删除。
病毒演示:
病毒FAQ:
Windows下的PE病毒。
发现日期:
2003-6-6