PHP/Pbot [Threat Name] go to Threat
PHP/Pbot.A [Threat Variant Name]
|Detection created||Oct 07, 2008|
|Signature database version||3501|
The trojan serves as a backdoor. It can be controlled remotely. It is written in PHP .
The trojan does not create any copies of itself.
The trojan collects the following information:
- information about the operating system and system settings
- the path to specific folders
The trojan acquires data and commands from a remote computer or the Internet.
The trojan contains a URL address. The IRC protocol is used in the communication.
It can execute the following operations:
- download files from a remote computer and/or the Internet
- run executable files
- send gathered information
- execute shell commands
- send mail
- perform port scanning
- perform DoS/DDoS attacks
- stop itself for a certain time period