Lavasoft Malware Labs Blog
Malware Encyclopedia
HEUR:Trojan.Win32.Generic (Kaspersky), Trojan.Win32.Generic!BT (VIPRE), Win32.SuspectCrc!IK (Emsisoft), Backdoor.Win32.Xtrat.FD, GenericInjector.YR, GenericAutorunWorm.YR (Lavasoft MAS)
Behaviour: Trojan, Backdoor, Worm, WormAutorun
HEUR:Trojan.Win32.Generic (Kaspersky), Trojan.Win32.Kryptik.ake (v) (VIPRE), Trojan.Win32.Ransom!IK (Emsisoft), Trojan-PSW.Win32.Zbot.4.FD, GenericInjector.YR (Lavasoft MAS)
Behaviour: Trojan-PSW, Ransom, Trojan
HEUR:Trojan.Win32.Generic (Kaspersky), LooksLike.Win32.Malware!B (v) (VIPRE), Email-Worm.Win32.Brontok!IK (Emsisoft), Virus.Win32.Duel.FD, GenericEmailWorm.YR, GenericIRCBot.YR (Lavasoft MAS)
Behaviour: Trojan, Worm, Email-Worm, EmailWorm, Virus, IRCBot
HEUR:Trojan.Win32.Generic (Kaspersky), Trojan.Win32.Zbot.fdm (v) (VIPRE), Trojan-Spy.Win32.Zbot!IK (Emsisoft), Backdoor.Win32.Farfli.FD, Worm.Win32.Dorkbot.FD, BankerGeneric.YR, GenericInjector.YR, GenericPhysicalDrive0.YR, WormDorkbot.YR, GenericAutorunWorm.YR, GenericIRCBot.YR, GenericDNSBlocker.YR, GenericUDPFlooder.YR, GenericSYNFlooder.YR, GenericProxy.YR, GenericUSBInfector.YR, GenericMSNWorm.YR (Lavasoft MAS)
Behaviour: Trojan-Spy, Banker, Trojan, Backdoor, Flooder, Worm, WormAutorun, IRCBot, MSNWorm, DNSBlocker, UDPFlooder, SYNFlooder, Trojan-Proxy, USBInfector
Trojan-Dropper.Win32.Juntador.k (Kaspersky), Virus.Win32.Xpaj.A (v) (VIPRE), Trojan.Win32.IEDummy.FD, BackdoorIRC.YR, GenericIRCBot.YR (Lavasoft MAS)
Behaviour: Trojan-Dropper, Trojan, Backdoor, Virus, IRCBot
Susp_Dropper (Kaspersky), LooksLike.Win32.Malware!B (v) (VIPRE), Email-Worm.Win32.Brontok!IK (Emsisoft), Virus.Win32.Duel.FD, GenericEmailWorm.YR, GenericIRCBot.YR (Lavasoft MAS)
Behaviour: Worm, Email-Worm, EmailWorm, Virus, IRCBot
HEUR:Trojan.Win32.Generic (Kaspersky), Win32.Malware!Drop (VIPRE), Trojan-PWS.Win32.Zbot!IK (Emsisoft), Trojan-PSW.Win32.Zbot.4.FD, GenericInjector.YR (Lavasoft MAS)
Behaviour: Trojan-PSW, Trojan
Trojan.Win32.Jorik.SpyEyes.bcb (Kaspersky), Trojan.Win32.Generic!BT (VIPRE), Trojan.Win32.Spyeye!IK (Emsisoft), Trojan.Win32.EyeStye.FD, Trojan.Win32.Swrort.3.FD, SpyEye.YR, TrojanEyeStye.YR, GenericInjector.YR (Lavasoft MAS)
Behaviour: Trojan
HEUR:Trojan.Win32.Generic (Kaspersky), Trojan.Win32.Zbot.fdm (v) (VIPRE), Worm.Win32.Dorkbot!IK (Emsisoft), Backdoor.Win32.Farfli.FD, Worm.Win32.Dorkbot.FD, BankerGeneric.YR, GenericInjector.YR, GenericPhysicalDrive0.YR, WormDorkbot.YR, GenericDownloader.YR, GenericAutorunWorm.YR, GenericIRCBot.YR, GenericDNSBlocker.YR, GenericUDPFlooder.YR, GenericSYNFlooder.YR, GenericProxy.YR, GenericUSBInfector.YR, GenericMSNWorm.YR (Lavasoft MAS)
Behaviour: Banker, Trojan, Backdoor, Flooder, Worm, WormAutorun, IRCBot, MSNWorm, DNSBlocker, UDPFlooder, SYNFlooder, Trojan-Proxy, USBInfector
Trojan.Win32.Genome!IK (Emsisoft), Trojan.Win32.FlyStudio.FD, TrojanFlyStudio.YR, GenericEmailWorm.YR (Lavasoft MAS)
Behaviour: Trojan, Worm, EmailWorm
The description has been automatically generated by Lavasoft Malware Analysis System and it may contain incomplete or inaccurate information.
Platform: Win32
Type: Trojan
Size: 126976 bytes
Packer: unknown
Unpacked size: 320 Kb
Language: C++
MD5: 85f087a291256829f418a3be3dd76ad8
SHA1: 112d92cdd5165af9c0d22f931e77f929b97395fa
Aliases: Dorkbot, Trojan.Win32.Generic!BT
Summary
Nrgbot is a Trojan-spy program designed to steal confidential data.
HEUR:Trojan.Win32.Generic (Kaspersky), Trojan-Dropper.Win32.Habbo.a (v) (VIPRE), Virus.Win32.Prorat!IK (Emsisoft), Backdoor.Win32.Farfli.FD, Backdoor.Win32.Xtrat.FD, Trojan-Banker.Win32.Brasil.FD, Trojan.Win32.Delphi.FD, Trojan.Win32.Sasfis.FD, VirTool.Win32.DelfInject.FD, BankerGeneric.YR, GenericInjector.YR, GenericAutorunWorm.YR (Lavasoft MAS)
Behaviour: Trojan-Dropper, Banker, Trojan, Backdoor, Worm, Virus, VirTool, WormAutorun
