Description: Open the back door in the local, monitor TCP port 5554, as a FTP server for the remote control command. Virus provides file transfer in the form of FTP. Hackers can steal user machine through the port of documents and other information. Virus scan thread open 128. To the local IP address as the foundation, take a random IP address, crazy test connection port 445, try to use the Windows directory under the Lsass.exe in the presence of a buffer overflow attack, once the attack success will lead to other machines infected with the virus and spread the next round of attacks failed, also will cause the other machine buffer buffer overflow, led to the other machine program of illegal operations, as well as the system abnormality.
To Search:
File list (Check if you may need any files):
Worm.Sasser.c
Download