Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||Backdoor.Sysbug, Trojan.PWS.Sysdeb, Win32.PSW.LdPinch.G, Troj/Sysbug-A|
|Effects: ||It steals the passwords used on the affected computer.|
|Detection updated on:||Nov. 25, 2003|
|Yes, using TruPrevent Technologies
Sysbug.A is a Trojan type password stealer that has been massively sent in an e-mail message with the subject Re:Mary and an attachment called PRIVATE.ZIP. The attached file is compressed with a ZIP format, and contains a file with a double extension called WENDYNAKED.JPG.EXE.
Sysbug.A tries to steal confidential data, such as passwords belonging to accounts, mail servers (SMTP and POP3), newsgroups, Dial-up and networking accounts, etc. It will then log this information in a file that will be sent to a hacker.
In addition, Sysbug.A has backdoor characteristics, as it opens the TCP port 5555 and waits for control commands to carry out.
Sysbug.A is easy to recognize, as it reaches the computer in an e-mail message that has been massively sent and has the subject Re:Mary and an attachment called PRIVATE.ZIP.