Sdbot.AK is a backdoor type Trojan that allows a hacker to carry out the following actions, among others: list and end processes, download and run files, scan ports, update the backdoor, send the backdoor to other IRC channels and scan IP addresses.
Once it is run, Sdbot.AK goes memory resident and uses its own IRC client in order to connect to the server tenjac.cjb.net through the port 6667 to join the IRC channel #x-sc4n and receive remote control commands.
Sdbot.AK does not spread automatically using its own means. It needs the attacking user’s intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, e-mail messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.