Malware Payload Code detection

critical Nessus Plugin ID 31854

Synopsis

The remote service seems to be distributing the payload of malware code.

Description

The remote port seems to be sending the payload of a malware. This is used by some worms when spreading by infecting other hosts.

The system is probably infected by a worm or a Trojan horse.

Solution

Check your system integrity and disinfect it.

See Also

https://en.wikipedia.org/wiki/Storm_worm#Botnetting

Plugin Details

Severity: Critical

ID: 31854

File Name: malware_payload_detect.nasl

Version: 1.15

Type: remote

Family: Backdoors

Published: 4/11/2008

Updated: 4/11/2022

Configuration: Enable thorough checks

Asset Inventory: true

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: global_settings/disable_service_discovery