Analysis by: Christopher Daniel So
 ALIASES:

Virus:Win32/Alureon.K (Microsoft), Backdoor.Tidserv!inf (Symantec), Patched-SYSFile.e (McAfee), Virus.Win32.TDSS.e (Kaspersky), Troj/TDL3Sys-A (Sophos)

 PLATFORM:

Windows 2000, Windows XP, Windows Server 2003

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:

  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes


  TECHNICAL DETAILS

Tipo de compactação: 52,352 bytes
Tipo de arquivo: SYS
Residente na memória: Yes
Data de recebimento das amostras iniciais: 04 May 2011

NOTES:
This is the Trend Micro detection for .SYS files that are modified by TDSS malware to aid its routines. The patched codes are responsible for executing the malware during startup and inject its component files into running processes. It also has rootkit capabilities, which enables it to hide its processes and files from the user.