|
Description:
This memory-resident worm propagates by dropping copies of itself in shared network drives.
It steals login information and saves the obtained data in a file, which can be retrieved by a remote user. Its keylogger component substitutes the standard Microsoft Graphical Identification and Authentication DLL (MSGINA.DLL) to carry out its information-stealing routine.
This worm has backdoor capabilities and is able to listen to TCP port 5190 and wait for remote commands.
It runs on Windows 95, 98, ME, NT, 2000 and XP.
For additional information about this threat, see:
Solution
Technical Details
Description created: Jan. 29, 2004 10:30:49 PM GMT -0800
Description updated: Jul. 2, 2005 2:43:48 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
