When the Trojan is executed, it attempts to change the administrator password to the following value:
It may then send information collected from the compromised computer (operating system version, current date, computer name) to the following remote locations:
It also changes the desktop background image to a picture that depicts a group of figures wearing the Anonymous mask.
It then attempts to delete files and overwrite the master boot record (MBR) rendering the computer unusable.
Symantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":