Threat Description

Cidra.D

Details

Aliases: Cidra.D
Category: Malware
Type:
Platform: W32

Summary


Cidra.D was discovered on 10th of March 2004. It's a trojan proxy, allowing to use users' computers to relay information, i.e. unsolicited email.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More

Detailed instructions for F-Secure security products are available in the documentation found in the Downloads section of our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for further assistance.



Technical Details


Installation to system

The trojan will add an entry to the Windows registry aiming at being run every time Windows starts. The key will be:

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run\UsbD]   

Which will point where the file is initially run from.

Spreading in

Cidra.D does not spread by itself. It was massively spammed.

Payload

It will relay connections though infected computers, giving its creator a massively distributed distribution channel for spam and other content.



Detection


Detection for this malware was published on March 10th, 2004 in the following F-Secure Anti-Virus updates:

Detection Type: PC
Database: 2004-03-10_02



Technical Details:Ero Carrera, March 10th, 2004


SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Disinfect your PC

F-Secure Anti-Virus will disinfect your PC and remove all harmful files

Learn More