SecurityHome.eu Win32.Idtsys.A

Home / malware PDF

Win32.Idtsys.A

First posted on 21 November 2011.
Source: BitDefender
Aliases :
Win32.Idtsys.A is also known as N/A.
Explanation :
Once an infected file is executed, the file is dropped in Windows folder and executed.
The virus searches in all the folders sequentially, for windows executable files with GUI (graphic user interface) and it infects 10 executable files from the current folder then waits/sleeps for a number of seconds (0-30), then infects another set of 10 files and then waits and so on.
It has backdoor capabilities, uses socket routines and listens/sends commands and informations (as the Windows type and version) on the port 1863.
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20