Besoin d’aide ? Fais appel à la communauté ou embauche un spécialiste.
Aller à Avira Answers
Date discovered:09/08/2010
In the wild:Yes
Reported Infections:Low
Distribution Potential:Low to medium
Damage Potential:Low to medium
Static file:Yes
File size:40.960 Bytes
MD5 checksum:aea8d7c82c5f432a005c80a9ede32029
IVDF version:

 General Aliases:
   •  Kaspersky: Trojan.Win32.Siscos.acx
   •  F-Secure: Trojan.Win32.Siscos.acx
   •  Sophos: Troj/Siscos-A

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
   • Registry modification
   • Steals information

 Files It copies itself to the following location:
   • %WINDIR%\services.exe

 Registry –  [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
   • "Adobe Update Service"="%WINDIR%\services.exe"

 Messenger It is spreading via Messenger. The characteristics are described below:

– Windows Live Messenger

 IRC – Furthermore it has the ability to perform the following action:
    • connect to IRC server

 Backdoor Contact server:
The following:

 Miscellaneous  Checks for an internet connection by contacting the following web site:

 File details Programming language:
The malware program was written in MS Visual C++.

Description insérée par Irina Diaconescu le jeudi 28 octobre 2010
Description mise à jour par Irina Diaconescu le mercredi 3 novembre 2010

Retour . . . .