10 entries found.
Win32/Sdbot
Microsoft security software detects and removes this family of threats.
This family of backdoor trojans can give a malicious hacker access and control of your PC. They connect to an internet relay chat (IRC) server to receive commands from the hacker.
They can then spread to other PCs, launch denial of service (DoS) attacks, and collect information about your PC.
Alert level: high
Backdoor:Win32/Sdbot.ZA
Backdoor:Win32/Sdbot.ZA is a backdoor Trojan that allows an attacker to take control of an infected computer. When a computer is infected, the Trojan connects to an Internet Relay Chat (IRC) server and joins a channel in order to receive commands from the controlling attacker. This malware can also spread via network shares with weak passwords, and by exploiting a known vulnerability in the RPCSS Service (addressed in Microsoft Security Bulletin MS03-039).
Alert level: severe
Backdoor:Win32/Sdbot.A
Backdoor:Win32/Sdbot.A is a backdoor Trojan that allows an attacker to take control of an infected computer. When a computer is infected, the Trojan connects to an Internet Relay Chat (IRC) server and joins a channel in order to receive commands from the controlling attacker. These commands can instruct the Trojan to perform a number of different actions.
Alert level: severe
Backdoor:Win32/Sdbot.gen!A
Win32/Sdbot is a family of backdoor Trojans that allows attackers to control infected computers. After a computer is infected, the Trojan connects to an internet relay chat (IRC) server and joins a channel to receive commands from attackers. These commands can instruct the Trojan to spread to other computers and can allow attackers to perform other backdoor functions, such as launching denial of service (DoS) attacks and retrieving system information from infected computers.
Alert level: severe
Backdoor:Win32/Sdbot
Win32/Sdbot is a family of backdoor Trojans that allows attackers to control infected computers. After a computer is infected, the Trojan connects to an internet relay chat (IRC) server and joins a channel to receive commands from attackers. These commands can instruct the Trojan to spread to other computers and can allow attackers to perform other backdoor functions, such as launching denial of service (DoS) attacks and retrieving system information from infected computers.
Alert level: severe
Backdoor:Win32/IRCbot.gen!O
Backdoor:Win32/IRCbot.gen!O is a generic detection for a trojan that allows unauthorized access and control of an affected machine by a remote attacker using IRC. After a computer is infected, the trojan connects to a specific IRC server and joins a specific channel to receive commands from an attacker. This particular detection may trigger on variants of several different IRC bot families, including Win32/Pushbot and Win32/Synigh.
Alert level: severe
Worm:Win32/Sdbot
Alert level: severe
Trojan:Win32/Sdbot
Alert level: severe
Worm:Win32/Zotob.D
Worm:Win32/Zotob.D is a backdoor Trojan that targets computers running Microsoft Windows 2000 that do not have MS05-039 installed. It can also infect computers running other versions of Windows operating systems if it is delivered through e-mail, instant messaging, or other routes. The Trojan connects to an IRC server from the infected computer to receive commands from attackers.
Alert level: severe
Worm:Win32/Zotob.D!CME-702
Worm:Win32/Zotob.D is a backdoor Trojan that targets computers running Microsoft Windows 2000 that do not have MS05-039 installed. It can also infect computers running other versions of Windows operating systems if it is delivered through e-mail, instant messaging, or other routes. The Trojan connects to an IRC server from the infected computer to receive commands from attackers.
Alert level: severe