Home / malwarePDF  

Win32.Idtsys.A


First posted on 21 November 2011.
Source: BitDefender

Aliases :

Win32.Idtsys.A is also known as N/A.

Explanation :

Once an infected file is executed, the file is dropped in Windows folder and executed.
The virus searches in all the folders sequentially, for windows executable files with GUI (graphic user interface) and it infects 10 executable files from the current folder then waits/sleeps for a number of seconds (0-30), then infects another set of 10 files and then waits and so on.
It has backdoor capabilities, uses socket routines and listens/sends commands and informations (as the Windows type and version) on the port 1863.

Last update 21 November 2011

 

TOP