Trojan.BlackRev

Trojan.BlackRev, otherwise known as the 'Black Revolution' Trojan, is called for the Mutex set in early versions of the malware infections. Trojan.BlackRev is a DDoS-specific bot with numerous attacks. Trojan.Blackrev accepts instructions from a command-and-control (C&C) server which may use the targeted PC in distributed denial-of-service (DDoS) attacks. Once run, Trojan.BlackRev communicates with a remote host which is used to register the corrupted PC on the botmaster's network. Trojan.BlackRev may also kill the processes such as 'winlogon.exe', 'explorer.exe' and 'smss.exe'. Trojan.BlackRev requests a list of targets to launch DDoS attacks against. Trojan.BlackRev may initiate a DDoS attack by fulfilling the particular actions on the infected computer system such as execute UDP and TCP floods with appended data, execute ICMP, SYN, and UDP floods and send multiple GET and POST requests to particular websites. Trojan.BlackRev may also fulfill other actions such as kill the bot process, drop and run files, end the existent attack, sleep for an hour and reboot the PC. Trojan.BlackRev may also make changes to the access control list (ACL) on the affected PC.