WORM_MYDOOM.B
Overview

Malware type: Worm

Aliases: Exploit-Mydoom (McAfee), W32.Mydoom.B@mm (Symantec), Worm/Mydoom.B.2 (Avira)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 95, 98, ME, NT, 2000, XP

Encrypted: No

Overall risk rating:


Reported infections:

Damage potential:

High

Distribution potential:

High

Description: 

This new MYDOOM variant is a mass-mailing worm that selects from a list of email subjects, message bodies, and attachment file names for its email messages. It spoofs the sender name of its messages so that they appear to have been sent by different users instead of the actual users on infected machines.

It also propagates over the Kazaa peer-to-peer file-sharing network and copies itself to machines at random IP addresses. It scans IP addresses for accessible systems and sends a copy of itself to these systems via port 3127.

It also performs a denial of service (DoS) attack against www.sco.com and www.microsoft.com.

Like its earlier variant, this worm also has a backdoor component. It opens port 1080 to allow remote access to infected machines. It may also use ports 3128, 80, 8080, and 10080.
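
The network behaviour described above (fan-out to many addresses on port 3127, and outside connections accepted on the backdoor ports) can be checked in firewall logs. The following is an added example, not part of the original description or of any Trend Micro tooling; the log layout, internal range, known web server list and threshold are assumptions.

```python
import ipaddress
from collections import defaultdict

SCAN_PORT = 3127                                  # propagation port from the description
BACKDOOR_PORTS = {1080, 3128, 80, 8080, 10080}    # backdoor ports from the description
INTERNAL = ipaddress.ip_network("10.0.0.0/8")     # assumption: internal address space
KNOWN_WEB_SERVERS = {"10.0.0.20"}                 # assumption: hosts expected to serve 80/8080
FANOUT_THRESHOLD = 5                              # assumption: distinct targets before flagging

# Constructed sample records, format "src dst dst_port action" (hypothetical log layout).
SAMPLE_LOG = """\
10.0.0.5 198.51.100.1 3127 ALLOW
10.0.0.5 198.51.100.2 3127 DENY
10.0.0.5 198.51.100.3 3127 DENY
10.0.0.5 198.51.100.4 3127 ALLOW
10.0.0.5 198.51.100.5 3127 DENY
10.0.0.5 198.51.100.1 3127 ALLOW
10.0.0.9 198.51.100.1 3127 ALLOW
203.0.113.7 10.0.0.5 1080 ALLOW
203.0.113.7 10.0.0.9 3128 DENY
203.0.113.8 10.0.0.20 80 ALLOW
garbled line here
"""

def triage(log_text, threshold=FANOUT_THRESHOLD):
    """Return (scanning_hosts, {host: [backdoor ports reached from outside]})."""
    fanout = defaultdict(set)     # internal source -> distinct targets on port 3127
    reached = defaultdict(set)    # internal host -> backdoor ports accepted from outside
    for line in log_text.splitlines():
        try:
            src_s, dst_s, port_s, action = line.split()
            src, dst = ipaddress.ip_address(src_s), ipaddress.ip_address(dst_s)
            port = int(port_s)
        except ValueError:
            continue              # skip blank or malformed records
        if src in INTERNAL and port == SCAN_PORT:
            fanout[src_s].add(dst)           # denied attempts still count as scanning
        if (dst in INTERNAL and src not in INTERNAL and action == "ALLOW"
                and port in BACKDOOR_PORTS):
            # 80 and 8080 are ordinary web ports: ignore them on known servers
            if port in (80, 8080) and dst_s in KNOWN_WEB_SERVERS:
                continue
            reached[dst_s].add(port)
    scanners = sorted(h for h, t in fanout.items() if len(t) >= threshold)
    return scanners, {h: sorted(p) for h, p in reached.items()}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A host that appears in both results, as 10.0.0.5 does in the constructed sample, is the strongest candidate for isolation and a full scan.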

This worm runs on Windows 95, 98, ME, NT, 2000, and XP.

Please refer to the Technical Details section for more information on this malware.


Description created: Jan. 28, 2004 8:35:35 AM GMT -0800
Description updated: Jan. 28, 2004 8:44:57 AM GMT -0800
