BKDR_DRAGDROP.A
Overview

Malware type: Backdoor

Aliases: Backdoor.Win32.Agent.cw, Generic BackDoor.c, Backdoor.Trojan, TR/Dldr.Small.UW, W32/Downloader.HM, Troj/Small-UW, Backdoor:Win32/Agent.CW

In the wild: No

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP

Encrypted: No

Overall risk rating:


Reported infections:

Damage potential: High

Distribution potential: Low

Description: 

This backdoor operates as an IRC (Internet Relay Chat) bot that connects to an IRC server and then listens for commands from a remote user. It executes the commands locally on the infected machine, providing remote users virtual control over affected systems.

It allows a remote user to do the following:

  • Perform an ICMP distributed denial of service (DDoS) attack
  • Download and execute files

This backdoor usually arrives via a known exploit utilized by the malicious HTML script detected as HTML_DRAGDROP.A.

It runs on Windows 98, ME, NT, 2000, and XP.

For additional information about this threat, see:
Solution
Technical Details

Description created: Sep. 8, 2004 10:24:25 PM GMT -0800
Description updated: Sep. 8, 2004 10:30:38 PM GMT -0800
