RussKill is a harmful web application utilized by cyber-criminals to perform Denial of Service Attacks. RussKill makes use of the HTTP-flood and SYN-flood DoS attacks. Both these attacks basically involve flooding victims with http requests and packets with bogus IP addresses. RussKill can bombard a targeted victim with requests for a service or computer resource. This will cause the computer to saturate and it will be unable to process more data, so the resources and services will become inaccessible.

File System Details

RussKill may create the following file(s):
# File Name Detections
1. %User%\Local Settings\Application Data\microsoft\windows\winfdd.exe
2. %User%\Local Settings\Application Data\microsoft\windows\95548.exe
3. %User%\Start Menu\Programs\Startup\wtnmm.exe
4. %User%\Local Settings\Application Data\microsoft\windows\wtnmm.exe

Registry Details

RussKill may create the following registry entry or registry entries:
"%User%\Local Settings\Application Data\microsoft\windows\wtnmm.exe".db
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: explorer.exe


Most Viewed