|
Description:
This worm scans the network and attempts to log on to target systems using a list of text strings as user names and passwords. It then drops copies of itself in the default shares of successfully accessed machines.
It has backdoor capabilities. It connects to an Internet Relay Chat server and waits for commands issued by a remote user.
This worm exploits the following Windows vulnerabilities:
- RPC/DCOM vulnerability
- IIS/WebDAV vulnerability
More information on these vulnerabilities can be found in the following links:
This worm also steals CD keys of certain games, and terminates certain processes.
This worm is written and compiled using Visual C++, and runs on Windows NT, 2000 and XP.
For additional information about this threat, see:
Solution
Technical Details
Description created: Jun. 29, 2004 10:36:53 AM GMT -0800
Description updated: Aug. 4, 2004 6:47:22 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
