HellRaiser.A
Threat LevelDamageDistribution

Effects 

HellRaiser.A is a remote control program which only affects computers with the operating system Mac installed.

HellRaiser.A carries out the following actions:

• When it is run, it requires the root (administrator) password. If users enter the password, the program will be installed in the computer. However, if it is not entered, the program will not be installed and the computer will not get infected.
• Once it has installed in the computer, it sends an email message to its creator to notify the infection including the IP address of the affected machine.
• It can receive any of the following instructions, among others:
  - Require users' authentication to obtain the root (administrator) password.
  - Download and load files and directories.
  - Search information in the hard disk.
  - Restart and log off the computer.
  - Send spam.
  - View the Desktop of the affected computer.
  - Delete or save the content of the clipboard.
  - Show images and play videos.
  - Send and print messages.
  - Execute AppleScripts.
  - Open/close the CD/DVD tray.

Means of transmission 

HellRaiser.A does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, removable drives likes pendrives, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.

Further Details  

HellRaiser.A is 3,307,783 bytes in size.