TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
TROJ_NAROD.A
Overview
Solution

Malware type: Trojan

Aliases: Backdoor.Win32.Dumador.c (Kaspersky), PWS-Narod (McAfee), IRC Trojan (Symantec), BDS/Small.D (Avira), Troj/Narod-B (Sophos),

In the wild: No

Destructive: Yes

Language: English

Platform: Windows 95, 98, ME, 2000, NT, XP

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 High

Distribution potential:

 High

Description: 
This memory-resident malicious Trojan is dropped by PE_DUMARU.A.

It connects to a particular IRC server through port 6667 and proceeds to join a channel.

Once connected, it awaits commands from a malicious user. These commands enable this malware to perform any of the following:

  • Flood a particular IRC server, consequently performing a Denial of Service (DoS) Attack
  • Send the IP address of the affected host to the malicious user

This Trojan malware runs on Windows 95, 98, ME, NT, 2000, and XP systems.

For additional information about this threat, see:
Solution
Technical Details

Description created: Aug. 19, 2003 8:45:05 PM GMT -0800
Description updated: Mar. 21, 2005 8:41:25 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.