F-Secure Virus Descriptions : Sadhound
On January 25th a new backdoor known as Sadhound has been spammed
in emails with subject 'I Miss You'. Sadhound is not a worm and
does not spread by itself.
Sadhound drops a text file in Windows Temp folder and opens it
with Notepad. The text looks as follow:
There's no
special reason
for sending
this to you,
except that...
I was feeling
a little lonely,
and when I asked myself
what I seemed to be
missing the most,
the answer
turned out to be
...you.
I Miss You
F-Secure Anti-Virus detects Sadhound with the existing updates as a dropper.
[Analysis: Katrin Tocheva, Gergely Erdelyi F-Secure Corp.; January 27th, 2003]
|
