Blackcom: Difference between revisions

From Screamer Wiki
Jump to: navigation, search
m (→‎Link: remove toc/tocdefault)
No edit summary
 
(13 intermediate revisions by 4 users not shown)
Line 1: Line 1:
{{Lost}}
{{Lost}}
{{Infobox  
{{Infobox  
|title =  
|title = Blackcom
|maker = FlashUploads
|image = VBScript_icon.png
|maker = FlashUpload
|type = Application
|type = Application
|date = 2009
|date = 2009
|imagecaption = The '''BLACKCOM.VBS''' icon.
}}
}}
'''Blackcom''' is a [[screamer]] trojan created by FlashUploads, written in Visual Basic Script.


When activated, it displays a false MSWORD.exe error message, then pauses and displays a binary false error message, followed by Microsoft Sam saying: "''CAUTION! A virus has been detected.''"
'''Blackcom''' is a [[screamer]] [[application]] created by FlashUpload. It was written in [[wikipedia:VBScript|VBScript]].


Blackcom then displays more bogusfake error messages, one of which is about svchost.exe, pauses, and initiates a system shutdown in 10 seconds, corrupting hall, dll in the system32 directory, rendering Windows unbootable, Furthermore, Blackcom will replace the internet homepage with a [[YouTube]] [[screamer]], but it is uncleared what the [[screamer]] was.
When launched, it displays a false MSWORD.exe error message that reads: "Microsoft Word cannnot open this document because it contains characters MSWORD.EXE does not understant".
==Link==
After a couple seconds, it displays a false binary error message that reads:<pre>
*[https://malwiki.org/index.php?title=Blackcom Malware Wiki's Page]
Microsoft Word Cannot Complete The Operation Requested Due To Security Risks
<br>
 
Please include the following in your error report
 
01011001 01101111 01110101 00100000 01000111 00100000 01110100 00100000 01100101 00100000 00100000 00100000
01011001 01101111 01110101 00100000 01000111 00100000 01110100 00100000 01100101 00100000 00100000 00100000
</pre>
This message is then followed by [[wikipedia:Microsoft_text-to-speech_voices#Windows_2000_and_Windows_XP|Microsoft Sam]] saying: "CAUTION! A virus has been detected."
 
Blackcom then displays more fake error messages about svchost.exe and DRVSTORE, then displays a message stating: "An important system file is not found and WINDOWs can no longer run."
 
After several seconds pass, the trojan initiates a system shutdown and corrupts "hal.dll" in the System32 directory, rendering Windows unbootable. Furthermore. Blackcom will change the homepage to a [[YouTube]] [[screamer]], but it is unknown what the screamer was.
== Showcases==
<u>NOTE</u>: Although this trojan contains a [[screamer]], it is not visible in these showcases.
<div style="text-align: center;">
<youtube width="320" height="180">zh8ceqtyGVI</youtube>
<youtube width="320" height="180">zIXIJCopsDo</youtube>
</div>
{{Maliciousnav}}
{{Maliciousnav}}
{{Comments}}
{{Comments}}
[[Category:2009]]
[[Category:Malware]][[Category:2009]]
[[Category:Other makers]]
[[Category:Other makers]]
[[Category:Malicious scripts]]
[[Category:Malicious scripts]]
[[Category:Applications]]
[[Category:Applications]]
[[Category:Other scary images]]
[[Category:Other scary images]]
__NOTOC__

Latest revision as of 22:24, 17 December 2023

This screamer/shock site is lost.
This page is about a screamer or shock site which doesn't appear to exist anymore. If you have any copies of this, please add them to the page or in the comments. You can also find a comprehensive list of Lost screamers here.

This screamer/shock site is lost.
This page is about a screamer or shock site which doesn't appear to exist anymore. If you have any copies of this, please add them to the page or in the comments.

Blackcom is a screamer application created by FlashUpload. It was written in VBScript.

When launched, it displays a false MSWORD.exe error message that reads: "Microsoft Word cannnot open this document because it contains characters MSWORD.EXE does not understant".

After a couple seconds, it displays a false binary error message that reads:

Microsoft Word Cannot Complete The Operation Requested Due To Security Risks 

Please include the following in your error report 

01011001 01101111 01110101 00100000 01000111 00100000 01110100 00100000 01100101 00100000 00100000 00100000
01011001 01101111 01110101 00100000 01000111 00100000 01110100 00100000 01100101 00100000 00100000 00100000

This message is then followed by Microsoft Sam saying: "CAUTION! A virus has been detected."

Blackcom then displays more fake error messages about svchost.exe and DRVSTORE, then displays a message stating: "An important system file is not found and WINDOWs can no longer run."

After several seconds pass, the trojan initiates a system shutdown and corrupts "hal.dll" in the System32 directory, rendering Windows unbootable. Furthermore. Blackcom will change the homepage to a YouTube screamer, but it is unknown what the screamer was.

Showcases

NOTE: Although this trojan contains a screamer, it is not visible in these showcases.

Comments

Comments

Loading comments...