[filename.info logo]
[cn cmd.exe][de cmd.exe][es cmd.exe][fr cmd.exe][gb cmd.exe][it cmd.exe][jp cmd.exe][kr cmd.exe][nl cmd.exe][pt cmd.exe][ru cmd.exe][us cmd.exe]

cmd.exe (5.1.2600.0)

Contained in software

Name:Windows XP Home Edition, Deutsch
Information link:http://www.microsoft.com/windowsxp/

File details

Filepath:C:\WINDOWS\system32\dllcache \ cmd.exe
Filedate:2002-08-29 14:00:00
Filesize:388.608 bytes

Checksum and file hashes

MD5:1CDE DA08 15E6 59B9 6A3C EE52 A32A 1BD7
SHA1:03D6 2DF9 CA73 2897 B480 0CD3 0956 8B99 5BAB DC98

Version resource information

CompanyName:Microsoft Corporation
FileOS:Windows NT, Windows 2000, Windows XP, Windows 2003
LegalCopyright:© Microsoft Corporation. Alle Rechte vorbehalten.
ProductName:Betriebssystem Microsoft® Windows®

cmd.exe was found in the following malware reports:


Technical details
...system to delete, rename, copy, execute and any other commands that can be used by Cmd.exe. NOTE:...
...This is because Windows 95/98/Me systems do not use the Cmd.exe file, but instead use the Command.com file....
...The Trojan is coded to use only Cmd.exe and its commands, which will function only on Windows NT/2000/XP systems....
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.remotenc.html


Technical details
...attributes, read, write, and edit files, as well as run DOS commands directly through Cmd.exe. A remote user can also upload...
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.ndad.html


Technical details
...execute files and execute other commands that can be used by the command shell (Cmd.exe or Command.com). ...
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.remotenc.b.html


Technical details
...%System%Regedt32.exe %Windir%Cmd.exe %System%Cmd.exe...
Source: http://securityresponse.symantec.com/avcenter/venc/data/vbs.suconelo.html


Privacy Policy About Backdoor.Cmdkill Discovered on:...
...June 17, 2003 05:15:29 PM Backdoor.Cmdkill is a Trojan Horse script that can be added to HTML files....
Technical details
... Backdoor.Cmdkill is a simple script that can be inserted into HTML files....
...The script will give an individual with unauthorized access full access to Cmd.exe, thereby allowing him/her to perform virtually anything on the system....
Removal instructions
...Run a full system scan and delete all the files detected as Backdoor.Cmdkill. For specific details on each...
...If any files are detected as infected with Backdoor.Cmdkill, click Delete. Write-up by:...
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.cmdkill.html


Technical details
...current day is the 10th of any month, or later, the worm deletes the file, C:WindowsCmd.exe. If the current day is the...
Source: http://securityresponse.symantec.com/avcenter/venc/data/vbs.gaggle.c.html


Technical details
...Access the Windows command shell (CMD.exe or command.com) Run executable files...
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.femo.html


Threat assessment
...Compromises security settings: Opens a hidden remote cmd.exe shell. Distribution...
Technical details
...that particular IP address. Creates a hidden Cmd.exe remote shell that will listen on TCP port 4444, allowing an attacker to issue remote...
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.randex.e.html


Technical details
...Copies itself as: C:Cmd.exe %System%Rundll32.exe...
..."(Default)"="C:cmd.exe %1 %*" in the registry key:...
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.miroot.worm.html

Symantec ManHunt 3.0 Security Update 7

Dumaru Worm Propagation MS Welchia Backdoor cmd.exe shell HTTP IIS Webdav Exploit (updated)...
Source: http://securityresponse.symantec.com/avcenter/security/Content/2003.08.19b.html

Valid HTML 4.01!