We’re currently investigating several file infectors that have affected several countries, particularly Australia. Trend Micro detects these as PE_XPAJ.C, PE_XPAJ.C-1, PE_XPAJ.C-2, and PE_XPAJ.C-O.Based on our initial analysis, these PE_XPAJ variants connect to the following C&C servers to send and receive information: {BLOCKED}.{BLOCKED}.162.208:35516 {BLOCKED}.{BLOCKED}.152.218:35516 {BLOCKED}.{BLOCKED}.71.249:35516 {BLOCKED}.{BLOCKED}.60.108:35516 {BLOCKED}.{BLOCKED}.123.153:35516 {BLOCKED}.{BLOCKED}.132.25:35516 {BLOCKED}.{BLOCKED}.16.5:389 {BLOCKED}.{BLOCKED}.0.1:1056 {BLOCKED}.{BLOCKED}.16.9 {BLOCKED}.{BLOCKED}.16.10 {BLOCKED}.{BLOCKED}.183.224:35516 {BLOCKED}.{BLOCKED}.0.1:1070 {BLOCKED}.{BLOCKED}.16.12:389 {BLOCKED}.{BLOCKED}.4.250:80 […]
Posts Tagged ‘master boot record’
23
Oct
2012
Category General
0 Comments
04
Sep
2012
Symantec Security Response has been investigating further reports of infections of W32.Disstrack, the threat used in the Shamoon attacks. W32.Disttrack is a highly destructive threat that destroys files and the master boot record (MBR) of the infected machine, causing maximum disruption.W32.Disttrack uses a hardcoded “wiping date” which is read from a variably named “.pnf” file […]
Category General
0 Comments
16
Aug
2012
W32.Disttrack is a new threat that is being used in specific targeted attacks against at least one organization in the energy sector. It is a destructive malware that corrupts files on a compromised computer and overwrites the MBR (Master Boot Record) in an effort to render a computer unusable. W32.Disttrack consists of several components: Dropper-the main […]
Category General
0 Comments
WEDNESDAY, APRIL 02, 2025
WHITE PAPERS
Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...
ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...
Latest Comments