SundMan.A is a worm that spreads by copying itself, without infecting other files.
- In the local network:
it generates a large amount of network activity and consumes bandwidth.
It reduces the security level of the computer:
it listens on open ports in order to control the computer remotely.
SundMan.A prevents access from programs to websites of several companies related with security tools (antivirus programs, firewalls, etc.).
It uses stealth techniques to avoid being detected by the user:
- It injects itself in running processes.
SundMan.A does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.