SdBot.msupdate
Category: Trojan
Risk:
Severe Risk
* Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine.
Description: SdBot is a Trojan worm that attempts to spread to remote network shares. The Trojan then acts as backdoor monitoring instructions on IRC (Internet Relay Chat) ports. Attacks other hosts on port 135. Connects to IRC server @ 216.65.117.196:1337. msupdate.exe Packed PE_Patch.Morphine msupdate.exe Packed Morphine
Alias: None
Signatures:
process: msupdate.exe: MD5 Hash: 98dac2b06f1d6283ad7
process: msupdate.exe: MD5 Hash: 7edb83733d99ace5711..
Copyright @2006 THR Computer Solutions: SdBot.msupdate