Class | Email-Worm |
Platform | Win32 |
Description |
Technical Details
Fizzer is an Internet worm that spreads via e-mail messages and KaZaa shared InstallationWhen the worm is launched, it creates the following files in the Windows
The worm also writes a registry key to start itself automatically when Windows
Under Windows NT/2000/XP the worm is able to create a system service, but It also registers as a default handler for files with the “.TXT” extension – resulting in the worm being executed when such files are opened. Replication: KaZaaThe worm copies itself to the KaZaa download directory with random Replication: E-mailThe worm uses its own SMTP engine to send out its copies. The destination
Infected messages have various selected subjects, bodies, and attachment
Backdoor routine: IRCThe worm contains a list of IRC channels it tries to connect to in order receive remote access commands from an attacker. Backdoor routine: OtherThe worm starts HTTP and telnet-like servers and binds them to OtherThe worm captures all keystrokes and writes them to the file named
Most options, like registry key names, IRC and SMTP server names, port |
Find out the statistics of the threats spreading in your region |