minimal-minimal

W32/Sdbot.worm!07A3BC38B286

W32/Sdbot.worm!07A3BC38B286

Threat Detail

  • Malware Type: Virus
  • Malware Sub-type: Win32
  • Protection Added: 2014-11-18

Viruses are self-replicating. They are often spread by a network or by transmission to a removable medium such as a removable disk, writable CD, or USB drive. Viruses may also spread by infecting files on a network file system or a file system that is shared by another computer.


Minimum Engine

5600.1067

File Length

78181

Description Added

2014-11-18

Description Modified

2014-11-18

Malware Proliferation

fpo-ti-severity-legend logo-new-mcafee

This is a Virus

File PropertiesProperty Values
McAfee DetectionW32/Sdbot.worm
Length78181 bytes
MD507a3bc38b286c0c7c49f31a7742379c1
SHA14b804d14f400f2fe15967344e5f9b651d53c2104


Other Common Detection Aliases

Company NamesDetection Names
EMSI SoftwareTrojan.Generic.11277544 (B)
ahnlabWin-Trojan/Xema.variant
avastWin32:Trojan-gen
AVG (GriSoft)BackDoor.Generic2.XKW
aviraWORM/Rbot.Gen
KasperskyBackdoor.Win32.Delf.ars
BitDefenderTrojan.Generic.11277544
clamavTrojan.IRCBot-4299
Dr.WebBackDoor.IRC.Sdbot.16412
F-ProtW32/HLL-SysDlrSharer!Eldorado
FortiNetW32/Cosmu.OSG!tr
Microsoftbackdoor:win32/delf.du
SymantecBackdoor.Trojan
EsetWin32/IRCBot.NEU
normanwin32legacy/Delf.JXD
pandaBck/Delf.AAQ
risingBackdoor.Delf.uow
SophosTroj/ZXC-P
Trend Microbkdr_mydoom.smm
vba32Backdoor.Delf
V-BusterBackdoor.Delf!FIx62CrXo3E (trojan)
Vet (Computer Associates)Win32/Bosbot!generic

Other brands and names may be claimed as the property of others.


ActivitiesRisk Levels
No digital signature is presentInformational


McAfee ScansScan Detections
McAfee BetaW32/Sdbot.worm
McAfee SupportedW32/Sdbot.worm



System Changes

Some path values have been replaced with environment variables as the exact location may vary with different configurations.
e.g.
%WINDIR% = \WINDOWS (Windows 9x/ME/XP/Vista/7), \WINNT (Windows NT/2000)
%PROGRAMFILES% = \Program Files


The following files were analyzed:

07a3bc38b286c0c7c49f31a7742379c1.bin

vdisk_ico The following files have been added to the system:

  • %WINDIR%\win32dc\BattleField 1942 hack.exe
  • %WINDIR%\win32dc\Silent Hill 4(cdfix).exe
  • %WINDIR%\win32dc\Sims 2 + codes.exe
  • %WINDIR%\win32dc\Counter-Strike + crack.exe
  • %WINDIR%\win32dc\Counter-Strike_crack.exe
  • %WINDIR%\win32dc\BattleField 1942(crack).exe
  • %WINDIR%\win32dc\Doom 3_cheat.exe
  • %WINDIR%\win32dc\Quake3 cdfix.exe
  • %WINDIR%\win32dc\UT2004_cheat.exe

Please use the following instructions for all supported versions of Windows:


1. Disable Windows System Restore. For instructions, please refer to: http://www.mcafee.com/us/downloads/free-tools/disabling-system-restore.aspx

2. Update your McAfee Anti-Virus product to the latest version (when possible), and ensure the latest DAT and Engine and any applicable EXTRA.DATs are installed.

3. Run a full system scan. (On-Demand Scan)

4. Reboot, as soon as it is convenient, to ensure all malicious components are removed.

Viruses are self-replicating. They are often spread by a network or by transmission to a removable medium such as a removable disk, writable CD, or USB drive. Viruses may also spread by infecting files on a network file system or a file system that is shared by another computer.

This symptoms of this detection are the files, registry, and network communication referenced in the characteristics section.