Mal/Zapchas-A

Category: Viruses and Spyware Protection available since:07 Jul 2008 21:59:28 (GMT)
Type: Malicious behavior Last Updated:07 Jul 2008 21:59:28 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Mal/Zapchas-A is a family of Trojans for the Windows platform.

Members of Mal/Zapchas-A run continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

When members of Mal/Zapchas-A are installed some of the following files are typically dropped:

aliases.ini
control.ini
explorer.exe
mirc.ico
mirc.ini
nicks.txt
postcard.gif.exe
remote.ini
script.ini
servers.ini
sup.bat
sup.reg
svchost.exe
users.ini

The main dropped executable executable is usually a version of the mIRC chat application, sometimes infected with another virus.

Members of Mal/Zapchas-A often create the following folders:

download
sounds
system\logs

Members of Mal/Zapchas-A often set a registry entry at the following location to run the main dropped executable:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

download Try Sophos products for free
Download now