SDBOT.EW: destructive trojan/backdoor that steals information, takes remote control of systems and launches DoS attacks.

© Jorge Machado Lima-Perú

W32/Sdbot.EW, SdBot.EW/IRC

Sdbot.EW is a destructive trojan/backdoor reported on 5 February 2004 that spreads over peer-to-peer networks such as Kazaa, Imesh, Donkey2000, LimeWire and Morpheus under enticing file names.
It infects systems with a file named Svchostx.exe, and it captures and sends instructions to its author through its own IRC (Internet Relay Chat) engine. It remotely controls infected systems and carries out DoS flooding attacks.
It was produced with the trojan/backdoor generator SDBOT 0.5b, created by the Russian hacker [sd], who distributes its source code through several websites.
It is a PE (Portable Executable) file that infects Windows/NT/Me/2000/XP, including NT/2000/2003 servers. It is 22 KB in size, written in Visual C++ and compressed with the PEtite Win32 Executable Compressor utility:
http://www.un4seen.com/petite
Once on a system, it copies itself to the %System% folder under the name Svchostx.exe and, so that it runs the next time the system starts, creates the following registry entries:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"System Efficiency Monitor" = "Svchostx.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"System Efficiency Monitor" = "Svchostx.exe"
%System% is a variable that resolves to C:\Windows\System on Windows 95/98/Me, C:\Winnt\System32 on Windows NT/2000 and C:\Windows\System32 on Windows XP.
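A defender can check a registry export for the persistence entries described above. The following is an added example, not part of the original write-up: it parses the text of a .reg export (assumed to be already decoded to a string) and reports autorun values that match the value name or file name given on this page. The function names and the sample export are constructed for illustration.

```python
import re

# Indicators taken from the description above.
AUTORUN_KEYS = {
    r"hkey_local_machine\software\microsoft\windows\currentversion\run",
    r"hkey_local_machine\software\microsoft\windows\currentversion\runservices",
}
VALUE_NAME = "system efficiency monitor"
FILE_NAME = "svchostx.exe"
# %System% per Windows family, as listed above.
SYSTEM_DIRS = [r"C:\Windows\System", r"C:\Winnt\System32", r"C:\Windows\System32"]

SECTION = re.compile(r"^\[(.+)\]$")
VALUE = re.compile(r'^"((?:[^"\\]|\\.)*)"\s*=\s*"((?:[^"\\]|\\.)*)"$')

# Constructed sample export (not from the page): one benign entry, two hits,
# and one look-alike value outside the autorun keys that must be ignored.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE"
"System Efficiency Monitor"="Svchostx.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"Renamed Entry"="C:\\WINDOWS\\System32\\SVCHOSTX.EXE"

[HKEY_CURRENT_USER\Software\Example]
"System Efficiency Monitor"="notes.txt"
'''


def unescape(s):
    # .reg files escape backslashes and quotes inside strings.
    return re.sub(r"\\(.)", r"\1", s)


def exe_name(data):
    # Base name of the executable, with or without a directory or arguments.
    tail = data.strip().split("\\")[-1].split()
    return tail[0].strip('"').lower() if tail else ""


def find_sdbot_autoruns(reg_text):
    """Return (key, value name, data) for autorun entries matching the indicators."""
    hits, key = [], None
    for raw in reg_text.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            key = m.group(1)
            continue
        m = VALUE.match(line)
        if not m or key is None or key.lower() not in AUTORUN_KEYS:
            continue
        name, data = unescape(m.group(1)), unescape(m.group(2))
        if name.lower() == VALUE_NAME or exe_name(data) == FILE_NAME:
            hits.append((key, name, data))
    return hits


def expected_dropper_paths():
    """Full paths where the copy would sit, one per %System% location."""
    return [d + "\\Svchostx.exe" for d in SYSTEM_DIRS]
```

Matching on the file name as well as the value name catches an entry whose label has been changed but which still launches Svchostx.exe.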
On the next system start, the worm copies itself to the download folders of the peer-to-peer clients Kazaa, Imesh, Donkey2000, LimeWire and Morpheus under a long list of enticing file names.
Acting as a backdoor, this trojan has its own IRC (Internet Relay Chat) engine, through which it connects to a chat channel, sends information to its author and remotely performs a variety of harmful actions, such as:
It steals the CD keys of popular PC games:
- Tiberian Sun
- Red Alert 2
- Command & Conquer Generals
- FIFA 2003
- Need For Speed Hot Pursuit 2
- The Gladiators
- Soldier of Fortune II - Double Helix
- Rainbow Six III RavenShield
- Battlefield 1942 Road To Rome
- Battlefield 1942
- Project IGI 2
- Counter-Strike ( Retail )
- Unreal Tournament 2003
- Half-Life
It captures information about the system: user name, CPU details, amount of RAM, list of running processes, operating system and its serial number, etc. It also performs actions such as:
- Downloading files from specified URLs and executing them.
- Connecting to and disconnecting from a different IRC server.
- Joining a chat channel, from which it extracts information and sends commands.
- Executing files or programs remotely.
- Terminating running processes.
Finally, the worm attempts to cause a Denial of Service (DoS) attack against specific IP addresses that are stored encrypted in its viral code.
The payloads of this trojan/backdoor are the following:
- It spreads over peer-to-peer networks using a long list of enticing file names.
- It captures information about the system and the workstations.
- It captures the CD keys of popular PC games.
- It has its own IRC (Internet Relay Chat) engine, through which it connects to a chat channel, sends information to its author and performs a variety of actions remotely.
- It downloads and executes files from specific web addresses.
- It connects to other IRC servers.
- It joins chat channel sessions.
- It carries out DoS attacks and SYN, PING and UDP flooding attacks against specific URLs.
PER ANTIVIRUS® version 8.5, with virus definitions dated 5 February 2004, efficiently detects and removes this trojan/backdoor.

