|
Description:
This worm spreads via network shares, and takes advantage of the following Windows vulnerabilities to propagate across networks:
- LSASS vulnerability
- Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability
For more information about these Windows vulnerabilities, please refer to the following Microsoft Web pages:
This worm attempts to log on to systems using a list of user names and passwords hardcoded in its body. It then drops a copy of itself in all accessed machines.
This worm has backdoor capabilities and may execute commands issued by a remote user, which include launching various methods of distributed denial of service (DDoS) attacks against certain Web sites. It also steals the CD keys, serial numbers, and even application product IDs of game applications and software products.
This worm is written and compiled using Visual C++, and runs on Windows NT, 2000 and XP.
For additional information about this threat, see:
Solution
Technical Details
Description created: Jul. 23, 2004 10:49:12 AM GMT -0800
Description updated: Jul. 23, 2004 11:30:11 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
