Aliases
Backdoor.ServU-based, Backdoor.Iroffer.1219, BAT/ServU.A, ServU-Daemon, NTRootKit-B.bat, IRC/Flood.mirc, Win32/Iroffer.1219, Backdoor.IRC.Aladinz.L, BKDR_IROFFER.A, IRC_COLDRAGE.B, BAT_IRCOBUS.B, IRC_COLDRAGE.A
Type
Trojan
Description
Troj/Coldrage-A is a backdoor Trojan consisting of several components. Many of the files used by the Trojan are legitimate utilities.
The malicious components of the Trojan are installed as files named:
bot.ini
clean.bat
firehell.ini
hasn.ini
mirc.ini
msdos.sys
patch.bat
remote.ini
secure.bat
servers.ini
soundman.exe
The legitimate components are:
TLIST.EXE - a tool to list running processes
cpu.exe - an IRC file transfer application
regit.exe - a copy of the mIRC v6.03 IRC client
scvhost.exe - an FTP server
spoolvs.exe - an IRC proxy server
Troj/Coldrage-A is controlled via IRC and can be used in distributed denial-of-service attacks.
http://www.sophos.com/virusinfo/analyses/trojcoldragea.html

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic