Malware type: Worm

Aliases: Trojan-Dropper.Win32.Delf.rc (Kaspersky), BackDoor-AQF (McAfee), W32.Randex (Symantec), Worm/IrcBot.231584 (Avira), Troj/Bckdr-AHR (Sophos),

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 95, 98, ME, NT, 2000, XP

Encrypted: No

Description: 

This worm takes advantage of the Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability.

For more information about this Windows vulnerability, please refer to the following Microsoft Web page:

Microsoft Security Bulletin MS03-026

This worm attempts to log on to systems using a list of user names and passwords. It drops a copy of itself into accessible machines.

It has backdoor capabilities. It executes commands sent in via Internet Relay Chat (IRC).

This worm runs on Windows 95, 98, ME, NT, 2000, and XP.

For additional information about this threat, see:
Solution
Technical Details

Description created: Jan. 20, 2005 10:43:46 AM GMT -0800
Description updated: Jan. 20, 2005 10:58:54 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.