Win32/Flood [Threat Name] go to Threat

Win32/Flood.A [Threat Variant Name]

Category trojan
Size 24576 B
Detection created Aug 02, 2006
Detection database version 1688
Aliases Trojan:Win32/Flood.A (Microsoft)
  TROJ_TAUPE.A (TrendMicro)
  Trojan.Devil.1.3.A (BitDefender)
Short description

The trojan serves as a backdoor. It can be controlled remotely.

Installation

The trojan does not create any copies of itself.

Payload information

The trojan serves as a backdoor.


It listens on TCP port 65000 .


It can execute the following operations:

  • run executable files
  • delete files
  • open the CD/DVD drive
  • shut down/restart the computer
  • show fake alerts

The trojan may delete files stored in the following folders:

  • c:\­
  • c:\­windows\­
  • c:\­windows\­bureau\­
  • c:\­windows\­command\­
  • c:\­windows\­config\­
  • c:\­windows\­cookies\­
  • c:\­windows\­crystal\­
  • c:\­windows\­cursors\­
  • c:\­windows\­Favoris\­
  • c:\­windows\­fonts\­
  • c:\­windows\­forms\­
  • c:\­windows\­help\­
  • c:\­windows\­history\­
  • c:\­windows\­inf\­
  • c:\­windows\­java\­
  • c:\­windows\­main\­
  • c:\­windows\­media\­
  • c:\­windows\­sysbckup\­
  • c:\­windows\­system\­
  • c:\­windows\­ws2bakup\­
  • c:\­icq\­
Other information

The trojan may create the text file:

  • c:\­#JACK#.txt

Please enable Javascript to ensure correct displaying of this content and refresh this page.