W32/Sdbot.F59B!tr
Analysis
W32/Sdbot.F59B!tr - 06-04-04
General Info:
This threat is a "PE" executable file, with file size 84480
Files:
- Copies itself to: undefinedSystemDirectoryundefined
- Drop files: ".exe"
Installation to System:
- When run, it copies itself to:
C:\WINDOWS\ - Drops the following files:
msconfig32x.exe - And creates these registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Intec Service Drivers "msconfig32x.exe"
More Info:
It drops a copy of itself at undefinedwindowsundefined directory. It adds a registry entry to enable itself to run at startup.