TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
WORM_ALLAPLE.B
Overview
Solution

Malware type: Worm

Aliases: Net-Worm.Win32.Allaple.b (Kaspersky), W32.Rahack.W (Symantec), WORM/Allaple.Gen (Avira), W32/Allaple-F (Sophos),

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 High

Distribution potential:

 High

Infection Channel 1 : Propagates via network shares

Infection Channel 2 : Propagates via software vulnerabilities

Description: 

This worm may be downloaded from a remote site by other malware. It may be dropped by other malware. It may arrive via network shares. It may be downloaded unknowingly by a user when visiting malicious Web sites.

It drops copies of itself.

It creates registry entries to enable its automatic execution at every system startup.

It propagates via network shares. It drops copies of itself into available network shares. It uses the credentials of the user currently logged onto the affected system to gain access to target network shares.

It takes advantage of the following software vulnerability(ies) to propagate across networks:

  • Update for RPC/DCOM vulnerability

More information about this vulnerability is found in this Web site:

This worm is capable of performing distributed denial of service (DDoS) attacks by sending Echo requests within the network.

For additional information about this threat, see:
Solution
Technical Details

Description created: Dec. 26, 2006 7:19:30 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.