Blackcom: Difference between revisions
Nemesis6051 (talk | contribs) No edit summary |
Nemesis6051 (talk | contribs) No edit summary |
||
| Line 1: | Line 1: | ||
{{Lost}} | {{Lost}} | ||
{{Infobox | {{Infobox | ||
|title = | |title = Blackcom | ||
|maker = | |image: VBScript_icon.png | ||
|maker = FlashUpload | |||
|type = [[Application]] | |type = [[Application]] | ||
|date = 2009 | |date = 2009 | ||
|imagecaption = The '''BLACKCOM.VBS''' icon. | |||
}} | }} | ||
'''Blackcom''' is a [[screamer]] trojan created by FlashUpload. It was written in | |||
'''Blackcom''' is a [[screamer]] trojan created by FlashUpload. It was written in [[wikipedia:VBScript|VBScript]]. | |||
When launched, it displays a false MSWORD.exe error message that reads: | When launched, it displays a false MSWORD.exe error message that reads: | ||
| Line 16: | Line 19: | ||
01011011 01101111 01110101 00100000 01000111 00100000 01110100 00100000 01100101 00100000 00100000 00100000 | 01011011 01101111 01110101 00100000 01000111 00100000 01110100 00100000 01100101 00100000 00100000 00100000 | ||
01011011 01101111 01110101 00100000 01000111 00100000 01110100 00100000 01100101 00100000 00100000 00100000 | 01011011 01101111 01110101 00100000 01000111 00100000 01110100 00100000 01100101 00100000 00100000 00100000 | ||
</pre> | </pre> | ||
| Line 24: | Line 26: | ||
An important system file is not found and WINDOWs can no longer run. | An important system file is not found and WINDOWs can no longer run. | ||
After several seconds pass, the trojan initiates a system shutdown and corrupts <code>hal.dll</code> in the System32 directory, rendering Windows unbootable. Furthermore. Blackcom will change the homepage to a [[YouTube]] [[screamer]], but it is unclear what the [[screamer]] was. | After several seconds pass, the trojan initiates a system shutdown and corrupts <code>hal.dll</code> in the System32 directory, rendering Windows unbootable. Furthermore. Blackcom will change the homepage to a [[YouTube]] [[screamer]], but it is unclear what the [[screamer]] was. | ||
==Showcases== | == Showcases== | ||
<u>NOTE</u>: Although this trojan contains a [[screamer]], it is not visible in these showcases. | <u>NOTE</u>: Although this trojan contains a [[screamer]], it is not visible in these showcases. | ||
<div style="text-align: center;"> | <div style="text-align: center;"> | ||
Revision as of 19:34, 9 June 2023
 |
This screamer/shock site is lost. |
|---|
|
This screamer/shock site is lost. |
Blackcom is a screamer trojan created by FlashUpload. It was written in VBScript.
When launched, it displays a false MSWORD.exe error message that reads:
Microsoft Word cannnot open this document because it contains characters MSWORD.EXE does not understant
After a couple seconds, it displays binary false error message that reads:
Microsoft Word Cannot Complete The Operation Requested Due To Security Risks Please include the following in your error report 01011011 01101111 01110101 00100000 01000111 00100000 01110100 00100000 01100101 00100000 00100000 00100000 01011011 01101111 01110101 00100000 01000111 00100000 01110100 00100000 01100101 00100000 00100000 00100000
This message is then followed by Microsoft Sam saying: "CAUTION! A virus has been detected."
Blackcom then displays more bogus fake error messages about svchost.exe and DRVSTORE, then displays a message stating:
An important system file is not found and WINDOWs can no longer run.
After several seconds pass, the trojan initiates a system shutdown and corrupts hal.dll in the System32 directory, rendering Windows unbootable. Furthermore. Blackcom will change the homepage to a YouTube screamer, but it is unclear what the screamer was.
Showcases
NOTE: Although this trojan contains a screamer, it is not visible in these showcases.
