WORM_SDBOT.APP - Description and solution

WORM_SDBOT.APP

Overview

Solution

Technical Details

Malware type: Worm

Aliases: W32.Spybot.Worm, W32/Rbot-WD, W32/Sdbot.worm, Win32.Rbot.BSR

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP

Encrypted: No

Overall risk rating:

Reported infections:
Damage potential:		High
Distribution potential:		High

Description:

This worm spreads through network shares. It searches for and lists down the available network shares, where it then attempts to drop a copy of itself.

It also generates IP addresses and attempts to drop a copy of itself to the target address' default shares. It may also use a list of strings as user names and passwords in order to gain access to password-protected shares.

This worm has backdoor capabilities, and may execute commands coming from a remote malicious user. It also steals the CD keys, serial numbers, and product IDs of certain applications installed on the affected system.

For additional information about this threat, see:
Solution
Technical Details

Description created: Feb. 18, 2005 12:47:31 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.