F-Secure
Tools
Tibick.F
| Name : | Tibick.F |
| Category: | Malware |
| Type: | Worm |
| Platform: | Win32 |
Summary
Tibick.F is a peer-to-peer (P2P) network application worm with IRC-command like backdoor/bot capabilities.
Additional Details
The Tibick.F worm spreads via peer-to-peer (P2P) network applications.
Upon execution, it drops a file named "svcnet.exe" into the Windows system folder.
The dropped file is set to run during Windows startup with the following registry key:
Tibick.F adds itself to the list of Windows Firewall trusted applications.
It checks for Internet connectivity by creating a connection to
http://tbc3.hanged.tk
Tibick.F also acts as a backdoor or as a bot, and listens for IRC-commands from a remote attacker.
It spreads itself via the following P2P applications:
To spread itself, users of the P2P network must download the worm's file. An appealing file name encourages downloads.
The names used are:
[FSAV_Database_Version]
Version = 2005-01-17_01.
Upon execution, it drops a file named "svcnet.exe" into the Windows system folder.
The dropped file is set to run during Windows startup with the following registry key:
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Shell API32 "svcnet.exe"
It checks for Internet connectivity by creating a connection to
http://tbc3.hanged.tk
Tibick.F also acts as a backdoor or as a bot, and listens for IRC-commands from a remote attacker.
It spreads itself via the following P2P applications:
- EMULE
- IMESH
- KAZAA
- MORPHEUS
- WAREZ
The names used are:
- 321 Studios GamesXCopy 1.0.8
- 3D Slot Car Racing Game 1.0
- 3D Studio Max 6
- ABBY FineReader Pro 7.0
- acdsee 7.0.61
- ACDSee PowerPack 7.0.43
- ACDSee v7.0 Powerpack 7.0
- Acrobat Reader
- Acrobat Reader
- Ad-aware
- Ad-aware Pro
- Ad-aware Professional
- Adult Tetris 2
- After Effects PRO v6.5
- Age of Empires II The Age of Kings
- Age Of Mythology
- Age Of Mythology - The Titans
- Agnitum Outpost Firewall 2.5.369
- Ahead Nero Burning 6.6.0.3 Ultra Edition
- AlbumWrap
- AlbumWrap Extractor v1.0
- Alcohol 120% v1.9.2 build 1705
- Alias Acclaim
- All Products
- All-in-One Secretmaker
- Anti-Trojan 4.0
- AnyDVD 3.9.2.1
- AnyDVD 4.0.4.1
- AOL Instant Messenger (AIM)
- AquaZone Desktop Garden 1.0.1.1 full
- Ares Galaxy
- Ares Lite
- Ashampoo WinOptimizer Platinum Suite 2 2.01
- Avant Browser
- Babylon Pro 5x
- Backyard Baseball 2003
- Backyard Wrestling 2 - There Goes the Neighborhood
- Battlefield 1942
- Battlefield Vietnam
- Battlefield Vietnam Multiplayer Online
- Besieger DreamCatcher Interactive
- BitComet
- BitSpirit 1.2.0 RC3
- Blindwrite Suite 4.5.3
- Blinx 2 - Masters of Time & Space \x6
- Blitzkrieg - Burning Horizon
- C&C Generals
- Call Of Duty
- CCALG - Credit Card Generator
- CD to MP3 Freeware 1.5
- Chicken Invaders 2 2.60
- City of Heroes NCsoft
- Civilization III
- Classic NES Series - The Legend of Zelda
- Clone DVD 2
- CloneCD 5.x
- CloneCD All Version
- CloneDVD v1.x
- CloneDVD v3.x Retail
- CloneDVD2 v2.x
- ColdFusion MX
- Command & Conquer - Generals
- Command & Conquer - Generals Zero Hour
- Command and Conquer - Generals Zero Hour
- Contribute v2.0
- Cool Edit 2000 1.1
- CopyToDVD 3.0.3
- Corel Draw Graphics Suite 12.0
- Counter-Strike Condition Zero
- Crusader Kings Paradox Entertainment
- Cubase Audio XT 3.X
- CWShredder 2.12
- CyberLink PowerDVD v6.0 Deluxe7
- Dark Age Of Camelot - Trials Of Atlantis
- Dark Matter - The Baryon Proj
- dBpowerAmp Music Converter
- DC++ 0.668
- Deus Ex Invisible War
- DFX Audio Enhancement 2.0.1
- Diablo 2
- Dialupass 2.43
- Director 8
- DivX Player
- DivX Player (with DivX Codec)
- dMSN mercury messenger 1.7.0.6
- Doom 3
- Doom 3
- Doom 3 SDK
- Dope Wars
- Download Accelerator Plus
- Download Accelerator Plus 7.3
- Download Accelerator Plus V7.1
- Download Accelerator Plus v7.2 Premium
- Dr Divx
- Dr.Divx 1.0.6 Build 105
- Dragon Ball Z - Budokai 3
- Dragon Ball Z - Supersonic Warriors
- Dragon Warrior VIII
- Dreamweaver 4.0 Patch
- Dreamweaver MX 2004 7.0
- Dreamweaver MX v6.0
- Dreamweaver UltraDev 4.0 Patch
- DRIV3R
- Drug Wars - Underworld 1.3
- Dungeon Lords DreamCatcher Interactive
- Dungeon Siege
- DVD Decrypter 3.5.1.0
- DVD Region-Free 5.5
- DVD Shrink 3.2.0.15
- DVDXCopy Platinum 4.0.3.8
- Easy CD-DA Extractor 7.1.3.1
- Easy CD-DA Extractor 7.13.2
- eIMAGE Recovery 3.0
- eMule
- eMule 0.44b
- Enter the Matrix
- ESPN NFL 2K5 Sega
- Exe Icon Changer 3.753
- F.E.A.R.
- Fable \x6
- Far Cry
- Fifa 2005
- Final Fantasy VII - Advent Children
- Final Fantasy XI - USA
- Final Fantasy XII
- Fire Emblem - Seima no Kouseki
- Fireworks 4.0 Patch
- Flash 5
- Flash All Versions
- Flash MX v6.0
- Flash SWF-Unprotect v2.0
- FlashFXP 2 RC2
- FlashFXP All Version
- FlashFXP v1.4.1
- FlashFXP v1.4.3
- FlashFXP v2.0
- FlashFXP v2.1
- FlashFXP v2.2
- FlashGet Forgotten Realms - Demon Stone
- Flight Simulator 2004 - A Century Of Flight
- Free Internet TV 3.2
- Freedom Force
- FreeHand v10 Loader
- Front Mission 4
- FrontPage XP 2002
- FTP Server Serv-U 5.1 Coporate Edition
- Full Spectrum Warrior
- Geist GetRight 5.2
- Goblin Commander - Unleash the Horde
- Golive v6.0
- Gran Turismo 4 SCEA
- Grand Theft Auto - San Andreas
- Grand Theft Auto 3
- Grand Theft Auto III
- Grand Theft Auto San Andreas
- Grand Theft Auto Vice City
- Grokster
- GTA GX Transcoder 2.10.2350
- Gunbound Trainer
- Half-Life 2
- Half-Life 2
- Half-Life 2
- Halo - Combat Evolved - \x6
- Halo 2
- Harry Potter and the Prisoner of Azkaban Adventure
- Harry Potter and The Sorcerers Stone
- Harry Potter and the Sorcerers Stone
- HeadStrong WebClicker 2.56
- Heroes of Might and Magic IV
- Hidden and Dangerous 2
- HijackThis
- Icewind Dale 2
- ICQ 4
- ICQ Pro 2003b
- Illustrator v10.0 Time Limit
- ImageReady v1.0
- ImageSlurp 2.43
- iMesh
- Internet Download Manager 4.03
- Internet Download Manager v4.02
- IsoBuster Professional v1.7.0.0
- Jedi Academy
- JetAudio Basic
- Joint Operations - Typhoon Rising NovaLogic
- Juiced Acclaim
- Kaspersky (License
- Kaspersky Anti-Hacker v1.7
- Kazaa Download Accelerator Pro
- Kazaa Download Manager 3.0
- KaZaA Lite Plus 1.0
- Kingdom Hearts II
- K-Lite Codec Pack v2.31 Full
- K-Lite Mega Codec Pack 1.13
- Knights Apprentice Memoricks Adventures Games
- LimeWire
- LimeWire (International)
- LimeWire Download Manager 4.2.6
- LimeWire server scanner
- Longhorn Transformation Pack 8.0
- Lord of the Rings The Battle for Middle-earth 1.00
- LostGoggles
- LOTR
- Madden NFL 2003
- Madden NFL 2005 EA
- Mafia
- MagicScore maestro 3.5
- Malice Mud Duck Productions
- Mario Pinball Land Puzzle Nintendo
- Mario Tennis
- Matrix Screensaver
- Max Payne 2
- Max Payne 2 Fall Of Max Payne
- Max Payne 2 The Fall of Max Payne
- MaxPayne 2 The Fall Of Max Payne
- McAfee VirusScan 9.0
- McFarlanes Evil Prophecy
- Medal Of Honor - Allied Assault
- Medal Of Honor - Allied Assault BreakThrough
- Medal of Honor Pacific Assault
- Media Player
- Medieval - Total War
- Mega Man Anniversary Collection
- Metal Gear Acid PSP
- Metal Gear Solid 3 - Snake Eater
- Midnight Club 3 - DUB Edition
- mIRC 6.X
- Monopoly 3
- Morpheus
- Mortal Kombat 4
- Mozilla Firefox
- MP3 Doctor 5.11.15
- mp3DirectCut 1.38
- MS Office XP Activation
- MS Zoo Tycoon
- MSN advert remover
- MSN Messenger ( XP)
- MSN Toolbar
- MSN Toolbar advert remover
- MusicMatch Jukebox Plus 9.00
- MVP Baseball 2004 EA
- MyIE2
- NBA Live 2003
- NBA Live 2004
- NCAA Football 2005 EA
- Need For Speed 5 - \3
- Need for Speed Hot Pursuit 2 CDerator
- Need for Speed Underground
- Need for speed underground - nocd
- Need for Speed Underground 2
- Need for Speed Underground 2
- Need for Speed4 - NOCD
- NeedforspeedUnderground-nocd
- Nero 6 Ultra Edition
- Nero 6 Ultra Edition
- Nero 6 Ultra Edition
- Nero 6 Ultra Edition 6.6.0.1
- NERO 6.6.0.1
- Nero 6.6.0.1
- Nero 6.6.0.3 Ultra
- Nero Burning Rom 6.6.0.3
- Nero Burning Rom Reloaded 6.6.0.1
- Nero Burning ROM v6.x
- Nero Reloaded 6.6.0.1
- Nero Ultra Edition 6.6.0.1
- NetPumper
- NetPumper
- Ninja Gaiden Tecmo
- NOD32 2.12.1
- Norman Virus Control 5.70
- Norton 2004
- Norton 2004 Professional activation
- Norton 2004 Professional Edition
- Norton 2005
- norton 2005
- norton 2005
- Norton AntiSpam 2004
- norton internet security 2005
- Norton Personal Firewall 2005 retail
- nVidia nTune 2005
- Office 2000 Regmaker
- Office 2003 Pro
- Office XP Activation
- Office XP Activation Killer
- Office XP Professional
- Office XP Professional Serial
- Office XP Universal Activator v1.0
- Onimusha 3 - Demon Siege Adventure
- PageMaker v7.0
- Paris Hilton Sex-E Screensaver 1.0
- Partition Magic 8.0
- Photoshop 7
- Photoshop CS
- Photoshop CS 8
- PhotoShop CS 8.0 & ImageReady CS 8.0
- PhotoShop CS v8.0
- Photoshop Universal
- PINNACLE STUDIO PLUS V9.3
- Plus! Media Center Edition
- Pocket Tanks 1.0
- PornSnatcher 2.31
- PowerDVD v5.9 Deluxe
- Psi-Ops - The Mindgate Conspiracy Midway
- Purge Jihad Freeform Interactive LLC
- Quake 3 - The Arena
- QuickTime
- RealPlayer
- RealPlayer
- RealPlayer
- Red Dead Revolver
- RegClean 4.1a
- RegCleaner 4.30.780
- Registry Mechanic
- Registry Mechanic
- Registry Mechanic 3.0
- Resident Evil 4 GC Adventure
- Rise of Nations - Thrones and Patriots
- Risk II 1.0
- RM to MP3 Converter 1.21
- RoboForm
- RoboForm
- Roller Coaster Tycoon
- Rollercoaster Tycoon 3 3
- RollerCoaster Tycoon and Attractions
- RYL Second Life Linden Lab
- Serial Generator v2.0
- Serials 2000 v7.1 Plus (build 06.16.04)
- server 2003
- Server 2003 SP1 Build 1039-2l
- SeXstazy 3.0.2.11
- Shadow Ops - Red Mercury
- ShellShock - Nam 67
- shinoya Success
- Shockwave Player
- Silent Storm - Sentinels _No Company
- Sim City 4 - Rush Hour
- Sim City 4 Deluxe
- Sim Theme Park World
- Sims 2
- Singles - Flirt Up ur Life
- Sniff-em 1.12
- Snood
- Snood
- Snood
- Snowblind
- Soldat 1.1.4
- Soldier of Fortune II- Double Helix
- SolSuite 2004 - Solitaire Card Games Suite
- SolSuite 2004 - Solitaire Card Games Suite
- Sonic the Hedgehog 3
- Spider-Man 2
- Spider-Man 2 GC
- Sponge Bob Square Pants - Operation Krabby Patty
- Spy Sweeper 3.2 147
- Spybot - Search and Destroy
- SpyHunter
- SpyHunter
- spyware doctor
- Spyware Doctor
- Spyware Doctor
- Spyware doctor 2.1
- Spyware Doctor 2.1.0.254
- Spyware Doctor V3
- Spyware Doctor v3.0.0.288
- SpywareBlaster
- Star Wars - Jedi Knight - Jedi Academy
- Star Wars - Knights of the Old Republic
- Star Wars Galactic Battlegrounds- Clone Campaigns
- Star Wars Jedi Knight II - Jedi Outcast
- Star Wars Jedi Knight II- Jedi Outcast
- Star Wars Knights of the Old Republic II - The Sith Lords
- Starcraft - Battlechest
- Strip Poker 2004
- Super dvd Creator 7.5 7.5
- Super Mario Kamek - Magikoopa's Revenge 1.2
- Sygate Personal Firewall PRO v5.5 Build 2577
- Symantec Ghost 8.0
- Symatec System Center V9.0.0.338
- System Mechanic 5.0c
- The Chronicles of Riddick - Escape From Butcher Bay
- The Elder Scrolls III - Morrowind Game of the Year Edition Bethesda Softworks
- The Legend of Zelda - Four Swords Adventures
- The Legend of Zelda - The Minish Cap
- The Legend of Zelda (working title)
- The Lord of the Rings - The Battle for Middle-Earth
- The lord of the rings the battle for middle earth
- The Lord of the Rings The Battle for Middle-earth
- The Lord of the Rings The Return of The King
- The Sims
- The Sims - Hot Date Expansion Pack
- The Sims - Makin Magic Expansion Pack
- The Sims - Superstar Expansion Pack
- The Sims - Unleashed Expansion Pack
- The Sims - Vacation Expansion Pack
- The Sims 2
- The Sims Clock 1.0
- The Sims Deluxe
- The Sims Double Deluxe
- The Sims Vacation
- The Suffering
- The Suffering Midway
- Thief - Deadly Shadows
- Tiger Woods PGA Tour 2004
- Tom Clancys Ghost Recon - Desert Siege
- Tom Clancys Splinter Cell
- Tom Clancys Splinter Cell Pandora Tomorrow
- Tom Clancy's Splinter Cell Pandora Tomorrow
- Tony Hawks Underground
- Total Commander v6.03a PowerPack 25
- Trillian
- Trillian crasher
- Trillian Pro v3.0.950
- Tweak-XP Pro 4.0.2
- Unreal Tournament 2003
- Unreal Tournament 2004
- Unreal Tournament 2004
- Unreal Tournament 2004
- Vampire - The Masquerade - Bloodlines
- VirtualLab Data Recovery
- VirtualLab Data Recovery
- Virtuosa Phoenix Edition
- Warcraft III - Reign Of Chaos
- Warez P2P
- Webroot Spy Sweeper
- Webroot Spy Sweeper
- WebRoot Spy Sweeper 3.5.0.189
- WebSite Watcher v4.02
- Winace 2.x
- Winamp 5.03 Full
- Winamp Full
- WinDVD Platinum 5.0.26.23
- WinMX
- WinRAR
- WinRAR
- WinRAR 3.30 Corporate Ed
- WinRAR 3.x
- WinRAR All
- WinRAR v3.20 Final
- WinRAR v3.30 Final
- WinRAR v3.41 Final
- Winzip
- WinZip
- WinZip 9.x
- WinZip All
- WinZip All Versions
- WinZip Self-Extractor v2.2
- WinZip Self-Extractor v2.2 Patch
- WinZip v8.0
- WinZIP v9.0
- WinZip v9.0 Registration
- World of Warcraft
- Worms Armageddon
- WWE Day of Reckoning GC
- WWE SmackDown! vs. Raw
- XBOX X-Fer Ripper and Transfer
- XP Activation
- XP home edition Activation
- XP Pro 64-bit
- Xp Profesional Sp 2
- XP Professional
- XP Professional ( Corp key )
- XP Slipstreamer v1.0
- XP SP2
- Yahoo Messenger
- ZeroSpyware Lite
- ZipGenius
- Zone Alarm Security Suite 5.5.062
- ZoneAlarm
- ZoneAlarm
- Zoo Tycoon
- Zoo Tycoon
- Zoo Tycoon - Complete Collection
- Zoo Tycoon - Dinosaur Digs
Detection
F-Secure Anti-Virus detects this malware with the following updates:[FSAV_Database_Version]
Version = 2005-01-17_01.