Class | Email-Worm |
Platform | Win32 |
Description |
Technical DetailsThis is a virus-worm that spreads via the Internet attached to infected Infected messages contain:
The worm activates from infected e-mail only when a user clicks on an attached Installing While installing, the worm copies itself to the Windows system directory with the
where %SystemDir% is the Windows system directory. Spreading To send infected messages, the worm uses Windows MAPI functions and “answers” Local Network The worm scans network shared drives, looks for directories with a WIN.INI file, Other The worm also installs a backdoor Trojan (“Backdoor.DRA”) on an infected machine. The worm creates the dekoy file C:SitesDeSexo.doc, and writes the following text there:
The the worm writes a list of porno sites and opens this file. |
Find out the statistics of the threats spreading in your region |