[filename.info logo]
[cn cmd.exe][de cmd.exe][es cmd.exe][fr cmd.exe][gb cmd.exe][it cmd.exe][jp cmd.exe][kr cmd.exe][nl cmd.exe][pt cmd.exe][ru cmd.exe][us cmd.exe]
 

cmd.exe (5.1.2600.0)

Contained in software

Name:Windows XP Home Edition, Deutsch
License:commercial
Information link:http://www.microsoft.com/windowsxp/

File details

Filepath:C:\WINDOWS\system32\dllcache \ cmd.exe
Filedate:2002-08-29 14:00:00
Version:5.1.2600.0
Filesize:388.608 bytes

Checksum and file hashes

CRC32:49DB1266
MD5:1CDE DA08 15E6 59B9 6A3C EE52 A32A 1BD7
SHA1:03D6 2DF9 CA73 2897 B480 0CD3 0956 8B99 5BAB DC98

Version resource information

CompanyName:Microsoft Corporation
FileDescription:Windows-Befehlsprozessor
FileOS:Windows NT, Windows 2000, Windows XP, Windows 2003
FileType:Application
FileVersion:5.1.2600.0
InternalName:cmd
LegalCopyright:© Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename:Cmd.Exe
ProductName:Betriebssystem Microsoft® Windows®
ProductVersion:5.1.2600.0

cmd.exe was found in the following malware reports:

Backdoor.RemoteNC

Technical details
...system to delete, rename, copy, execute and any other commands that can be used by Cmd.exe. NOTE:...
...This is because Windows 95/98/Me systems do not use the Cmd.exe file, but instead use the Command.com file....
...The Trojan is coded to use only Cmd.exe and its commands, which will function only on Windows NT/2000/XP systems....
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.remotenc.html

Backdoor.Ndad

Technical details
...attributes, read, write, and edit files, as well as run DOS commands directly through Cmd.exe. A remote user can also upload...
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.ndad.html

Backdoor.RemoteNC.B

Technical details
...execute files and execute other commands that can be used by the command shell (Cmd.exe or Command.com). ...
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.remotenc.b.html

VBS.Suconelo

Technical details
...%System%Regedt32.exe %Windir%Cmd.exe %System%Cmd.exe...
Source: http://securityresponse.symantec.com/avcenter/venc/data/vbs.suconelo.html

Backdoor.Cmdkill

Privacy Policy About Backdoor.Cmdkill Discovered on:...
...June 17, 2003 05:15:29 PM Backdoor.Cmdkill is a Trojan Horse script that can be added to HTML files....
Technical details
... Backdoor.Cmdkill is a simple script that can be inserted into HTML files....
...The script will give an individual with unauthorized access full access to Cmd.exe, thereby allowing him/her to perform virtually anything on the system....
Removal instructions
...Run a full system scan and delete all the files detected as Backdoor.Cmdkill. For specific details on each...
...If any files are detected as infected with Backdoor.Cmdkill, click Delete. Write-up by:...
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.cmdkill.html

VBS.Gaggle.C

Technical details
...current day is the 10th of any month, or later, the worm deletes the file, C:WindowsCmd.exe. If the current day is the...
Source: http://securityresponse.symantec.com/avcenter/venc/data/vbs.gaggle.c.html

Backdoor.Femo

Technical details
...Access the Windows command shell (CMD.exe or command.com) Run executable files...
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.femo.html

W32.Randex.E

Threat assessment
...Compromises security settings: Opens a hidden remote cmd.exe shell. Distribution...
Technical details
...that particular IP address. Creates a hidden Cmd.exe remote shell that will listen on TCP port 4444, allowing an attacker to issue remote...
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.randex.e.html

W32.Miroot.Worm

Technical details
...Copies itself as: C:Cmd.exe %System%Rundll32.exe...
..."(Default)"="C:cmd.exe %1 %*" in the registry key:...
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.miroot.worm.html

Symantec ManHunt 3.0 Security Update 7

Dumaru Worm Propagation MS Welchia Backdoor cmd.exe shell HTTP IIS Webdav Exploit (updated)...
......
Source: http://securityresponse.symantec.com/avcenter/security/Content/2003.08.19b.html



Valid HTML 4.01!