|
Description:
This destructive, persistent, memory resident, multi-process, and multi-threaded worm spreads a copy of itself via email and Network shared drives. This worm consists of two components. The main worm and a Windows executable infector. Trend Micro antivirus detects the Windows file infector component of this worm as PE_ELKERN.A.
Similar to PE_NIMDA.A, this worm also utilizes the exploits for Microsoft Outlook and Outlook Express, which allow the automatic execution of an attachment during preview.
On Windows NT/2K systems, this worm registers itself as a system service. On Windows 9X, it is hidden from the Task List.
More information on this vulnerability is available at:
Microsoft TechNet.
Read more about these variants.
For additional information about this threat, see:
Solution
Technical Details
Description created: Oct. 26, 2001 10:42:07 AM GMT -0800
Description updated: Oct. 26, 2001 10:45:00 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
