Hello
The file that you sent to us for analysis was a Trojan that we will detect
as Troj/SDBot-Fam. This is a family of backdoor Trojans which allow a
remote intruder to access and control the computer via IRC channels. When
run it tries to connect to an IRC server and join a specific channel. The
Trojan then runs continuously in the background as a server process,
listening on the IRC channel for specific commands and carrying out the
appropriate actions. When the Trojan is first run it may copy itself to the
Windows or Windows System folder and create an entry in the System Registry
to run itself on start-up.
I have attached an IDE file that will allow Sophos to detect this. Please
do not hesitate to contact me if I can be of any further assistance.
Regards
Sophos Technical Support