|
lsass.exe (5.1.2600.1106)
소프트웨어안에 포함하는 |
이름: | Windows XP Home Edition, Deutsch |
면허: | 상업 |
정보 연결: | http://www.microsoft.com/windowsxp/ |
파일 세부사항 |
파일 경로: | C:\WINDOWS\system32 \ lsass.exe |
파일 날짜: | 2002-08-29 14:00:00 |
버전: | 5.1.2600.1106 |
파일 사이즈: | 11.776 바이트 |
검사함과 파일은 잘게 썬다 |
CRC32: | D2697D2E |
MD5: | 5823 9984 742E 8FD4 CD3F CEEB 5453 66C1 |
SHA1: | 7010 716E 0C17 E3B9 88FC 87A2 F079 AFF4 E3FD C33A |
버전 자원 정보 |
회사명: | Microsoft Corporation |
파일 설명: | LSA Shell (Export Version) |
파일 운영 체계: | Windows NT, Windows 2000, Windows XP, Windows 2003 |
파일 유형: | Dynamic Link Library (DLL) |
파일 버전: | 5.1.2600.1106 |
내부 이름: | lsass.exe |
법적인 저작권: | Microsoft Corporation. All rights reserved. |
원래 파일 이름: | lsass.exe |
제품 이름: | Microsoft Windows Operating System |
제품 버전: | 5.1.2600.1106 |
lsass.exe은 뒤에 오는 보고안에 발견되었다:
|
W32.Nimos.Worm |
기술적 세부사항 ...Copies itself as %Windows%SystemLsass.exe. Note: %Windir% is a variable.... ..."System Handler"="%Windir%SystemLSASS.EXE" to the registry keys:... 제거 지시 ..."System Handler"="%Windir%SystemLSASS.EXE" Do one of the following:... ..."System Handler"="%Windir%SystemLSASS.EXE" Navigate to the registry key:... 근원: http://securityresponse.symantec.com/avcenter/venc/data/w32.nimos.worm.html |
Backdoor.IRC.Ratsou.D |
기술적 세부사항 ...Libparse.exe (A nonmalicious file) Lsass.exe (Detected as Backdoor.IRC.Ratsou.D)... ..."HID.EXE"="%windir%system32dsdn36lsass.exe" "lsass"="%windir%system32dsdn36lsass.exe"... ...which call %Windir%System32Dsdn36lsass.exe when chat files are opened.... 제거 지시 ..."HID.EXE"="%windir%system32dsdn36lsass.exe" "lsass"="%windir%system32dsdn36lsass.exe"... 근원: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.irc.ratsou.d.html |
W32.Sasser.G |
W32.Sasser.G에 관하여 ...W32.Sasser.G is a variant of W32.Sasser.Worm that attempts to exploit the LSASS vulnerability described in Microsoft Security Bulletin MS04-011.... 위협 평가 ...Computer will restart when Lsass.exe process crashes. Releases confidential info:... ...Unpatched systems vulnerable to LSASS exploit - MS04-011 ... 기술적 세부사항 ...Note: The Lsass.exe process will crash after the worm exploits the Windows LSASS vulnerability.... 제거 지시 ...following text in the Comment box: Delay Lsass.exe shutdown. Click OK.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.g.html |
Backdoor.Queen |
W32.Sasser.G에 관하여 ...The Trojan attempts to disguise itself as the normal Windows process named "LSASS.EXE." The Trojan has two components:... 기술적 세부사항 ...Attempts to create a remote thread in "LSASS.EXE" and inject itself into it.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.queen.html |
Backdoor.Lassrv |
기술적 세부사항 ...This file injects lsasrv32.dll into the Windows file Lsass.exe. lsarv32.dll.... ...If the .exe file is executed, it injects lsasrv32.dll as a thread into Lsass.exe. The thread connects to ports... 근원: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.lassrv.html |
W32.HLLW.Lovgate.D@mm |
W32.Sasser.G에 관하여 ...2000, or XP, the worm attempts to disguise itself as the normal Windows process, Lsass.exe. This threat is written in... 기술적 세부사항 ...Injects a thread into "LSASS.EXE" and starts a listening server that provides a command shell on port 20168,... 근원: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.lovgate.d@mm.html |
Backdoor.IRC.Ratsou.B |
기술적 세부사항 ...LibParse.exe, a process viewer, clean. Lsass.exe, hacked mIRC32 client, detected as Backdoor.IRC.Ratsou.B.... ..."HID.EXE"="%System%HID.EXE" "lsass"="%Windir%DebugUserModelsass.exe"... ...extensions in HKEY_LOCAL_MACHINSoftwareClasses, which call %Windir%DebugUserModelsass.exe when chat files are opened.... 제거 지시 ...HID.EXE lsass Exit the Registry Editor.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.irc.ratsou.b.html |
Hacktool.Asni |
기술적 세부사항 ...When Hacktool.Asni is executed on a remote machine, it attempts to crash the LSASS.exe process, which handles some Windows log-on authentication tasks.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/hacktool.asni.html |
W32.Sasser.F.Worm |
W32.Sasser.G에 관하여 ...This worm attempts to exploit the LSASS vulnerability described in Microsoft Security Bulletin MS04-011.... 위협 평가 ...Unpatched systems vulnerable to LSASS exploit - MS04-011. ... 기술적 세부사항 ...For example, 74354_up.exe. The Lsass.exe process will crash after the worm exploits the Windows LSASS vulnerability.... 제거 지시 ...following text in the Comment box: Delay Lsass.exe shutdown. Click OK.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.f.worm.html |
W32.HLLW.Lovgate@mm |
W32.Sasser.G에 관하여 ...XP, the worm will attempt to disguise itself as the normal Windows process, "LSASS.EXE." W32.HLLW.Lovgate@mm is written... 기술적 세부사항 ...If the worm detects the process, "LSASS.EXE," it will attempt to create a remote thread in that particular process and... ...Injects another thread into "LSASS.EXE", which starts a listening server that provides a command shell on port 20168... ...... 근원: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.lovgate@mm.html |
|
|