Sdbot.MH is a backdoor that allows a hacker to carry out the following actions, among others: redirect ports, download and run files, scan ports, update the backdoor, send the backdoor to other IRC channels and launch DoS (Denial of Service) attacks.
Once it is run, Sdbot.MH goes memory resident and uses its own IRC client in order to join an especific IRC channel in a server and receive remote control commands.
Sdbot.MH does not spread automatically using its own means. It needs the attacking user’s intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, e-mail messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.