TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
WORM_KILLAV.AI
Overview
Solution

Malware type: Worm

Aliases: No Alias Found

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 Medium

Distribution potential:

 Medium

Infection Channel 1 : Propagates via removable drives

Infection Channel 2 : Copies itself in all available physical drives

Description: 

To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

WORM_KILLAV.AI Behavior Diagram

Malware Overview

This worm arrives in an affected system as a downloaded file from remote sites by JS_DLOADER.BD. It may be dropped by other malware, or downloaded unknowingly by a user when visiting malicious Web sites.

It propagates by dropping copies of itself into all physical and removable drives. It also drops an AUTORUN.INF file that automatically execute dropped copies when the drives are accessed.

This worm drops and executes several files which Trend Micro detects as TROJ_KILLAV.ALA. As a result, malicious routines of the dropped Trojan are exhibited on the affected system.

For additional information about this threat, see:
Solution
Technical Details

Description created: Jul. 6, 2009 6:02:04 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.