English

Log in

Search

The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service.

Internet threat level: 1

Follow us on

Home→Descriptions→Trojan-DDoS.Win32.Smurf.c

Trojan-DDoS.Win32.Smurf.c

Detected	Jul 01 2003 22:28 GMT
Released	Jul 01 2003 22:28 GMT
Published	May 16 2007 12:18 GMT

Technical Details
Payload
Removal instructions

Technical Details

This Trojan is designed to conduct DDOS attacks. It is a Windows PE EXE file. The file is 40 960 bytes in size.

Payload

When launched, the Trojan displays the console window:

When the program is launched with command line parameters in the format shown below:

<name of executable file><victim's address><number of packets>

the Trojan will start sending the number of packets specified to UDP port 8220 of the computer at the designated address. The packets are 8220 bytes in size.

The interval between each packet being sent is very small, and the program therefore creates intensive network traffic.

The program also provides the option within the command line to point to a file containing a list of addresses for mass mailings.

Removal instructions

If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:

Use Task Manager to terminate the Trojan process.
Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).

Print

Share

Malicious programs

Trojans

Trojan-DDoS

This type of malicious program is designed to conduct a DoS attack from an infected computer on a pre-defined address.

Essentially, a DoS attack involves sending numerous requests to the victim machine; this leads to a denial of service if the computer under attack does not have sufficient resources to process all the incoming requests.

In order to conduct a successful DoS attack, malicious users often infect a number of computers with this type of Trojan in advance (for example, as part of a mass spam mailing.) As a result, all the infected computers will attack the victim machine.

Aliases

Trojan-DDoS.Win32.Smurf.c (Kaspersky Lab) is also known as:

DDoS.Win32.Smurf.c (Kaspersky Lab)

© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.

kaspersky.com

securelist.com