Perl Bot Analysis

We got this code from a reader who got hit by this malware just as he patched his horde install. Again, one of these examples that tells you how fast these exploits are spreading, and not to waste any time patching. We do see a lot of these perl bots/worms. They are not to special but kind of a "classic" at this point so I figure its worth while to deconstruct a sample.

These simple perl based bots are in particular popular with lower skilled kids. I left a lot of the special strings like server names and such intact or little obfuscated. A few unimportant details got deleted or modified in order to make the code a bit easier to read and anotate.