Perl/Calfbot [Threat Name]
| Detection created | 2013-12-20 |
Short description
Perl/Calfbot.A is a trojan that is used for spam distribution.
Installation
The trojan is usually a part of other malware.
The trojan is usually found in the following folder:
- /tmp/
The following filename is used:
- " "
Other information
The trojan acquires data and commands from a remote computer or the Internet.
The trojan contains a list of URLs. The trojan generates various URL addresses. The HTTP/HTTPS protocol is used.
It may perform the following actions:
- send spam
- update itself to a newer version
- stop itself for a certain time period
- execute shell commands
The trojan collects the following information:
- malware version
- number of emails sent
- number of emails not sent
- user name
- Perl version
- mail program used to send e-mails
- HTTP/HTTPS tool used
The trojan attempts to send gathered information to a remote machine.
For further information follow the links below:
* Report
* Indicators of compromise (IOC)
Threat Variants with Description
| Threat Variant Name | Date Added | Threat Type | |
| Perl/Calfbot.A | 2013-12-20 | trojan |