|
Description:
This memory-resident worm propagates by dropping copies of its component file BASE.EXE to shared folders used by popular peer-to-peer (P2P) file sharing applications, thus making the worm copy available for download to unsuspecting users. It saves its dropped copies using several file names. Note that this worm can drop several copies of BASE.EXE to the said folders.
It is composed of two (2) .EXE files: BASE.EXE and WINLASS.EXE. Upon executing BASE.EXE, it creates a folder named System in the system root folder. It then connects to a Web site to download and execute WINLASS.EXE.
For additional information about this threat, see:
Solution
Technical Details
Description created: Oct. 4, 2005 4:33:40 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
