TROJ_STRAT.DR
Overview

Malware type: Trojan

Aliases: Email-Worm.Win32.Warezov.dc (Kaspersky), W32/Stration.dldr (McAfee), W32.Stration.CX@mm (Symantec), TR/Dldr.Stration.C (Avira), W32/Stratio-AW (Sophos)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:


Reported infections:

Damage potential:

High

Distribution potential:

Low

Infection Channel 1: Spammed via email


Description: 

On September 22, 2006, in the face of increasing infections and a seemingly endless release of new variants into the wild, the Trend Micro Japan office declared a local alert to control the onslaught of WORM_STRATION, which was quickly gaining notoriety for spawning iterations at rates not seen since 2005's MYTOB. In just a few weeks, WORM_STRATION was also found spreading like wildfire in the rest of the world, primarily in the US. An article documenting the STRATION event: The STRATION Strategy.

To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Behavior Diagram shown below.

TROJ_STRAT.DR Behavior Diagram

Malware Overview

This Trojan may arrive on a system as an attachment to a spammed email message.

Upon execution, it drops a copy of itself using a random file name in the Windows system folder.

It also downloads a file detected by Trend Micro as WORM_STRAT.DR from certain URLs. As a result, the affected system also exhibits the routines of the downloaded worm.

It may display the following message upon execution:

{Displays a message stating that the updates have been successfully installed.}

Moreover, it may drop and open a text file with a random file name in the folder from which it was originally executed. The dropped file contains garbage characters.


Description created: Oct. 18, 2006 5:49:51 PM GMT -0800
