DoS.LockAkk.IISuxor

Class DoS
Platform LockAkk
Description

Removal instructions

If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:

  1. Delete the original malicious program file (the location will depend on how the program originally penetrated the victim machine).
  2. Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).

Technical Details

This malicious program is designed to conduct Denial of Service attacks on a remote server. It is a Linux ELF file. It is 15 048 bytes in size. It is written in C++.

Payload

The program exploits a buffer overflow vulnerability when incoming data is processed by Microsoft IIS HTTP server in order to conduct a DoS attack on the remote machine. The address of the computer and the server’s working directory are designated by the remote malicious user as a inbound parameter when launching the malicious program.

This malicious program may cause the server under attack to suffer reduced performance in supporting network connections.