TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
PE_YAMI.A
Overview
Solution

Malware type: File infector

Aliases: Virus.Win32.Niya.a (Kaspersky), W32/Niya.gen (McAfee), W32.Yami.A (Symantec), W32/Niya.A (Avira), Mal/Generic-A (Sophos), Worm:Win32/Niya.A (Microsoft)

In the wild: Yes

Destructive: Yes

Language: English

Platform: Windows XP

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 High

Distribution potential:

 Low

Description: 

TrendLabs has recently received reports of this new virus infecting systems in China. It may cause an infected system to cease functioning. It is also reported to have capabilities similar to the CIH family of viruses.

This virus only infects valid PE files. It validates the type of a targeted file by checking its PE header. It then uses a cavity type of infection, infecting the said file by inserting chunks of its virus code to the host file.

For additional information about this threat, see:
Solution
Technical Details

Description created: May. 18, 2005 11:52:03 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.