This malicious program is designed to conduct Denial of Service attacks on a remote server. It is a Windows PE EXE file. It is 40960 bytes in size. It is written in Visual Basic.
Payload
Once launched, the program displays its main window:
The malicious user then enters the victim’s IP address. Once the “Attack!” button has been pressed, a large number of ping requests or finger requests will be sent to the victim machine.
Once the attack is underway, the Trojan causes the following message to be displayed:
Removal instructions
1. Use Task Manager to terminate the malicious program’s process.
2. Delete the original program file (the location will depend on how the program originally penetrated the victim machine).
3. Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).
No comments:
Post a Comment