Win32/Flood [Threat Name] go to Threat

Win32/Flood.C [Threat Variant Name]

Category trojan
Size 355840 B
Aliases RemoteAccess:Win32/Devil (Microsoft)
  TROJ_FLOOD.C (TrendMicro)
  Trojan.Flood.C (BitDefender)
Short description

The trojan serves as a backdoor. It can be controlled remotely.


The trojan does not create any copies of itself.

Payload information

The trojan serves as a backdoor.

It listens on TCP port 65000 .

It can execute the following operations:

  • run executable files
  • delete files
  • open the CD/DVD drive
  • shut down/restart the computer
  • show fake alerts

The trojan may delete files stored in the following folders:

  • c:\­
  • c:\­windows\­
  • c:\­windows\­bureau\­
  • c:\­windows\­command\­
  • c:\­windows\­config\­
  • c:\­windows\­cookies\­
  • c:\­windows\­crystal\­
  • c:\­windows\­cursors\­
  • c:\­windows\­Favoris\­
  • c:\­windows\­fonts\­
  • c:\­windows\­forms\­
  • c:\­windows\­help\­
  • c:\­windows\­history\­
  • c:\­windows\­inf\­
  • c:\­windows\­java\­
  • c:\­windows\­main\­
  • c:\­windows\­media\­
  • c:\­windows\­sysbckup\­
  • c:\­windows\­system\­
  • c:\­windows\­ws2bakup\­
  • c:\­icq\­
Other information

The trojan may create the text file:

  • c:\­#JACK#.txt

Please enable Javascript to ensure correct displaying of this content and refresh this page.