DoS.Perl.Nertt

Class DoS
Platform Perl
Description

Technical Details

This malicious program can be used to conduct a DoS attack on a remote server. It is a script file written in Perl. The infected file is 1803 bytes in size.

Payload

This script conducts DoS attacks on remote servers where HP Openview Omniback is installed. A remote malicious user gives the name of the host to be attacked, and the port to connect to. The default port used is 5555.

The script will attempt to connect to the server 2499999 times. This results in the attacked system crashing due to a lack of RAM, as each time the script connects to the client, a new block of memory is allocated.

Removal instructions

  1. Delete the infected script file.
  2. Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).