|
Description:
This variant of BKDR_WOMANIZ.B is a memory-resident backdoor program that acts as a modified mIRC executable. It has several IRC script components, detected as IRC_WOMANIZ.C, which determine its capabilities. It is manipulated remotely via IRC and can be used to launch a Distributed Denial of Service (DDoS) attack on mIRC servers and users.
This backdoor drops and executes a batch file malware, which is detected by Trend Micro as BAT_WOMANIZ.C. This batch file malware connects to remote machines on random IP addresses using fixed list of user name and password combinations. It then drops and executes a copy of this backdoor on accessible remote sytems.
This backdoor program runs on Windows 95, 98, ME, NT, 2000, and XP. However, it will more likely infect Windows NT, 2000, and XP machines, since it copies itself into the Admin$ folder, which exists on these systems by default.
For additional information about this threat, see:
Solution
Technical Details
Description created: Aug. 27, 2003 2:12:17 AM GMT -0800
Description updated: Aug. 27, 2003 9:23:48 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
