BKDR_TDSS.CG
Overview

Malware type: Backdoor

Aliases: Rootkit.Win32.TDSS.cig (Kaspersky), Generic.dx (McAfee), Backdoor.Trojan (Symantec), Trojan:Win32/Sudiet.B (Microsoft)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:


Reported infections:

Damage potential:

High

Distribution potential:

Low

Description: 

This backdoor may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.

This backdoor drops files and modifies several system files in order to load itself as a system service. Trend Micro detects the dropped and modified files as TROJ_PATCHED.CE and BKDR_TDSS.CG.

It also randomly selects one of several Web sites from which to download an encrypted configuration file. It then copies the contents of this encrypted file to memory. Once decrypted, the file contains commands that a remote malicious user may execute on the affected machine.


Description created: Jan. 29, 2009 9:38:30 AM GMT -0800
