Fizzer is an Internet worm that spreads via e-mail messages and KaZaa shared
When the worm is launched, it creates the following files in the Windows
The worm also writes a registry key to start itself automatically when Windows
Under Windows NT/2000/XP the worm is able to create a system service, but
It also registers as a default handler for files with the “.TXT” extension – resulting in the worm being executed when such files are opened.
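An added example, not part of the original description: a Python check that resolves the `.txt` open handler from a `reg export` of `HKEY_CLASSES_ROOT` and reports whether it still points at an allow-listed program. The allow-list paths and the sample export (with a placeholder executable name) are assumptions constructed for illustration.

```python
import re

# Assumption: handlers considered legitimate on the hosts being checked.
EXPECTED = {r"%systemroot%\system32\notepad.exe",
            r"c:\windows\system32\notepad.exe",
            r"c:\windows\notepad.exe"}

# Constructed sample export; the executable name is a placeholder.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.txt]
@="txtfile"

[HKEY_CLASSES_ROOT\txtfile\shell\open\command]
@="C:\\WINDOWS\\example-dropped.exe \"%1\""
'''

def parse_defaults(reg_text):
    """Map each key in a .reg export to its (Default) value."""
    text = re.sub(r"\\\r?\n\s*", "", reg_text)  # join hex continuation lines
    defaults, key = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        elif key and line.startswith('@="') and line.endswith('"'):
            # REG_SZ: undo the .reg escaping of backslashes and quotes
            defaults[key] = re.sub(r"\\(.)", r"\1", line[3:-1])
        elif key and line.startswith("@=hex(2):"):
            # REG_EXPAND_SZ: comma-separated UTF-16LE bytes
            raw = bytes(int(b, 16) for b in line[9:].split(",") if b.strip())
            defaults[key] = raw.decode("utf-16-le").rstrip("\x00")
    return defaults

def txt_open_command(reg_text, root="HKEY_CLASSES_ROOT"):
    """Follow .txt -> ProgID -> shell\\open\\command; None if unresolved."""
    defaults = parse_defaults(reg_text)
    progid = defaults.get(f"{root}\\.txt".lower())
    if not progid:
        return None
    return defaults.get(f"{root}\\{progid}\\shell\\open\\command".lower())

def handler_is_expected(reg_text):
    """True only when the .txt open command runs an allow-listed executable."""
    command = (txt_open_command(reg_text) or "").strip()
    if not command:
        return False  # missing or empty handler is treated as suspicious
    m = re.match(r'"([^"]+)"|(\S+)', command)
    return (m.group(1) or m.group(2)).lower() in EXPECTED
```

A missing or unparseable handler is reported as unexpected, so a truncated export fails closed rather than passing silently.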
The worm copies itself to the KaZaa download directory with random
The worm uses its own SMTP engine to send out its copies. The destination
Infected messages have various selected subjects, bodies, and attachment
Backdoor routine: IRC
The worm contains a list of IRC channels that it tries to connect to in order to receive remote access commands from an attacker.
Backdoor routine: Other
The worm starts HTTP and telnet-like servers and binds them to
The worm captures all keystrokes and writes them to the file named
Most options, like registry key names, IRC and SMTP server names, port