Backdoor.SubSeven22

Backdoor.SubSeven22 is a Trojan horse. It is generally UPX packed; however, unpacked versions and versions packed with different executable packing software do exist. When packed with UPX, the Trojan horse's size is usually between 370 KB and 390 KB. Larger variations have been encountered, however, with file sizes ranging from 470 KB to 550 KB .

This Trojan horse does not produce any output while running.

CAUTION: Due to evolving packing technology and possible modifications to the Trojan by hackers, new variations of the Trojan may be encountered. If Symantec antivirus products does not detect the encountered variation, then you should submit the possible Trojan samples to Symantec Security Response for further examination.



Norton Internet Security/Norton Internet Protection users
If you are using either of these Symantec firewall programs, the name that is used by the Trojan Block rule to prevent the Trojan from being downloaded to your computer is different from the name that is used by Norton AntiVirus to detect the same threat if it were actually run on your computer or received in email.

Norton Internet Security/Norton Internet Protection will block Backdoor.SubSeven22 from being downloaded to your computer using the Block Rule Backdoor/SubSeven.

Protection

• Initial Rapid Release version April 5, 2000
• Latest Rapid Release version November 10, 2009 revision 038
• Initial Daily Certified version April 5, 2000
• Latest Daily Certified version November 10, 2009 revision 051
• Initial Weekly Certified release date April 5, 2000

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

• Wild Level: Low
• Number of Infections: More than 1000
• Number of Sites: More than 10
• Geographical Distribution: Medium
• Threat Containment: Moderate
• Removal: Moderate

Damage

• Damage Level: Medium

Distribution

• Distribution Level: Medium