Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Threats Worm Win32

Worm.Win32.WBNA.asy

Update Date
11/02/2023

Class: Worm

Worms spread on computer networks via network resources. Unlike Net-Worms, a user must launch a Worm in order for it to be activated. This kind of worm searches remote computer networks and copies itself to directories that are read/write accessible (if it finds any). Furthermore, these worms either use built-in operating system functions to search for accessible network directories and/or they randomly search for computers on the Internet, connect to them, and attempt to gain full access to the disks of these computers. This category also covers those worms which, for one reason or another, do not fit into any of the other categories defined above (e.g. worms for mobile devices).

Read more

Platform: Win32

Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. One of the most widespread programming platforms in the world.

Family: WBNA

No family description

Examples

11821CAF68823ED7EF73B3182FB117DE
C062364E0C510948CB3D057502C0C891
51E78C513B152C6AB95FDBD1C73E757E
B0E7027EC1DB1667FE9029151EB71D28
322DC332AC764E18BA276572FB1247AB

Tactics and Techniques: Mitre*

TA0005
Defense Evasion

Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.


T1036
Masquerading

Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.


* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
12 December 2025
Securelist
Following the digital trail: what happens to data stolen in a phishing attack
12 December 2025
Securelist
Turn me on, turn me off: Zigbee assessment in industrial environments
11 December 2025
Securelist
Hunting for Mythic in network traffic
11 December 2025
Securelist
It didn’t take long: CVE-2025-55182 is now under active exploitation
09 December 2025
Securelist
Goodbye, dark Telegram: Blocks are pushing the underground out
03 December 2025
Securelist
Shai Hulud 2.0, now with a wiper flavor
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Threat
Confirm changes?
Your message has been sent successfully.