|
Description:
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
Malware Overview
This worm may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.
Upon execution, it drops a copy of itself. It displays a message box to trick users into thinking that it did not execute properly. It accesses the Google Web site to check for an Internet connection.
It creates a registry entry to enable its automatic execution at every system startup. It also drops non-malicious files.
This worm checks if the user has visited the social networking Web site Facebook by searching for cookies with a certain string. If it finds the said string, it adds links to the affected user's profile that points to a copy of this worm. It deletes itself if no cookies that refer to Facebook are found.
For additional information about this threat, see:
Solution
Technical Details
Description created: Aug. 13, 2008 6:33:31 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
