Threat Description

Sadhound

Details

Aliases:Sadhound
Category:Malware
Type:Backdoor
Platform:W32

Summary



On January 25th a new backdoor known as Sadhound has been spammed in emails with subject 'I Miss You'. Sadhound is not a worm and does not spread by itself.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More

You may wish to refer to the Support Community for further assistance. You also may also refer to General Removal Instructions for a general guide on alternative disinfection actions.



Technical Details



Sadhound drops a text file in Windows Temp folder and opens it with Notepad. The text looks as follow:

There's no
 special reason
 for sending
 this to you,
 except that...
 I was feeling
 a little lonely,
 and when I asked myself
 what I seemed to be
  missing the most,
  the answer
  turned out to be
...you.
 I Miss You

F-Secure Anti-Virus detects Sadhound with the existing updates as a dropper.





Technical Details: Katrin Tocheva, Gergely Erdelyi F-Secure Corp.; January 27th, 2003


SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Disinfect your PC

F-Secure Anti-Virus will disinfect your PC and remove all harmful files

Learn More