English
Log in
Search
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

HomeDescriptionsTrojan-DDoS.Win32.Boxed.a

Trojan-DDoS.Win32.Boxed.a

Detected May 19 2004 13:54 GMT
Released May 19 2004 13:54 GMT
Published May 20 2004 07:54 GMT

Technical Details

This is a DDoS (Distributed Denial of Service) Trojan. It conducts a SYN Flood attack on a number of servers in the bootcom.com doman. It works under Windows NT.

When launched, it creates a service named Secure transactions provider, which covertly starts each time the system boots up.

The service launches five threads, each of which sends TCP packets to one of the servers under attack at high frequency, with SYN flags set. This will cause the network to slow noticeably.



Print
Bookmark and Share
Share
Trojans
Trojan-DDoS

This type of malicious program is designed to conduct a DoS attack from an infected computer on a pre-defined address.

Essentially, a DoS attack involves sending numerous requests to the victim machine; this leads to a denial of service if the computer under attack does not have sufficient resources to process all the incoming requests.

In order to conduct a successful DoS attack, malicious users often infect a number of computers with this type of Trojan in advance (for example, as part of a mass spam mailing.) As a result, all the infected computers will attack the victim machine.


Aliases

Trojan-DDoS.Win32.Boxed.a (Kaspersky Lab) is also known as:

  • DDoS.Win32.Boxed.a (Kaspersky Lab)
  • Trojan: DDoS-Boxed (McAfee)
  • Troj/Boxed-A (Sophos)
  • W32/Daboxe.A.worm (Panda)
  • W32/Trojan.FEX (FPROT)
  • DDoS:Win32/Boxed.A (MS(OneCare))
  • Flooder.Boxed (DrWeb)
  • Win32/DDoS.Boxed.A trojan (Nod32)
  • Win32.Worm.Daboxe.A (BitDef7)
  • DDoS.Boxed.A (VirusBuster)
  • Win32:Boxed-L [Trj] (AVAST)
  • Trojan-DDoS.Win32.Boxed (Ikarus)
  • Boxed.Q (AVG)
  • Trojan-DDoS.Win32.Boxed.a <<< TR/Worm.Daboxe.A (AVIRA)
  • TR/Worm.Daboxe.A (AVIRA)
  • Hacktool.DoS (NAV)
  • W32/Boxed.CK (Norman)
  • Hack.DDoSer.Boxed.au (Rising)
  • Trojan-DDoS.Win32.Boxed.a [AVP] (FSecure)
  • TROJ_BOXED.AI (TrendMicro)
  • DDoS.Boxed.A (VirusBusterBeta)

© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.

kaspersky.com

Products

eStore

Threats

Downloads

Support

Partners

About Us

Search

securelist.com

Threats

Analysis

Blog

Descriptions

Glossary

RSS feeds

Contacts

Search