Detection Published: March 21, 2004
Description Modified: March 25, 2004
Also known as: Backdoor.IRCBot.gen (Kaspersky), W32/Sdbot.worm.gen (McAfee)
SXTbot is an increasingly large family of IRC-controlled worms that contain backdoor functionality. This analysis describes the general behaviour of this family of worms.
Members of this family generally install themselves into the %System% directory. Filenames used by the worm vary, however, Computer Associates antivirus research teams have seen the following filenames used recently in the wild:
The file is generally around 110kb in size.
Your favorite shows are back!
Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!