|
Description:
TrendLabs has received several infection reports of this network worm.
When the system date ranges between February 9 to 12, this worm launches a denial of service (DoS) attack against www.microsoft.com. It sleeps for a short period before once again performing another round of a DoS attack against the same target Web site.
Its propagation method is quiet inefficient. It scans for some randomly generated IP addresses using port 3127. If the target machine is already infected by variants WORM_MYDOOM.A or WORM_MYDOOM.B, it tries to send a copy of itself to the target machine via socket connection by utilizing the backdoor functionality of the older malware. It then runs the dropped copy to start a new thread of infection.
This malware runs on Windows 95, 98, ME, NT, 2000 and XP.
For additional information about this threat, see:
Solution
Technical Details
Description created: Feb. 9, 2004 9:54:31 AM GMT -0800
Description updated: Feb. 9, 2004 1:01:59 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
