Because this malicious file uses a similar icon and description, general users can easily be infected.
To guard against such malicious files, spend some time maintaining your PC's availability.
The malicious file disguised as "ALYAC" that was found at the time of the 3.3 DDoS did not have a DDoS function; the recently found malicious file, however, does contain one.
2. Spreading path and symptoms of infection
First of all, the recently found malicious file, which is known to spread from the following URL, can also be spread as an e-mail attachment.
After being downloaded and installed, it removes itself, creates a copy of itself in the following path, and configures that copy to always run while Internet Explorer is running.
The generated copy continuously tries to access the following URL and can download additional malicious files. In addition, we expect that the generated malicious file can act as a backdoor and bot at the registered service level. Additional analysis is currently under way.
It forges not only the icon but also the description of "ALYAC". On close inspection, however, you can distinguish the forged description from the normal one.
<Malicious file> <Normal file>
You can see the difference between the malicious and normal files in the red box above.
In addition, it can continuously send GET packets to a certain destination using the "GET Flooding" technique, one of the DDoS attack methods.
3. How to prevent
General users may download it without suspicion. Once infected, their machines can become a large number of zombie PCs. Therefore, to use your PC safely despite the security threats posed by these malicious attachments, we recommend following the "Security management tips" for general users.
INCA Internet (Security Response Center / Emergency Response Team) provides a diagnosis/treatment function, with nProtect Mobile for Android for mobile, for malicious files such as the one stated above, and runs a response system against various security threats.