Galapoper.C is a backdoor that connects to several websites that host a PHP script, in order to download a file that contains remote control commands, such as download and run other files or update itself. This file could be different for each affected computer, which opens the door to launching custom attacks.
Galapoper.C sends spam messages with highly variable characteristics, which it composes with the information it obtains from several servers. It can be instructed to modify those email messages every 10 minutes, or whenever an amount of 70,000 email messages sent is reached.
Galapoper.C does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.>