|
Description:
This backdoor program takes advantage of the following Windows vulnerabilities:
- Buffer Overflow in SQL Server 2000 vulnerability
- IIS5/WEBDAV buffer overrun vulnerability
- Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability
- Windows LSASS vulnerability
For more information about these vulnerabilities, refer to the following Web pages:
It connects to an Internet Relay Chat (IRC) server, where it listens for commands coming from a remote malicious user. It also steals the Microsoft Windows Product ID as well as CD keys of several game applications.
This backdoor program also terminates several processes, which are usually related to antivirus applications or other malware variants.
It runs on Windows 95, 98, ME, NT, 2000, and XP.
For additional information about this threat, see:
Solution
Technical Details
Description created: Oct. 30, 2004 12:41:03 AM GMT -0800
Description updated: Nov. 23, 2004 3:25:38 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
