|
Description:
This worm uses the account of a target user as well as a list of weak user names and passwords to access network shares.
This worm can also take advantage of the following vulnerabilities, malware backdoor capabilities and application to propagate into accessible systems:
- Buffer Overflow in SQL Server 2000 (MS02-061)
- WebDAV vulnerability (MS03-007)
- Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability (MS03-026)
- Windows LSASS vulnerability (MS04-011)
- WORM_BAGLE, WORM_MYDOOM, BKDR_OPTIX, BKDR_NETDEVIL, BKDR_KUANG and BKDR_SUB7 variants
- DameWare
This worm connects to the Internet Relay Chat (IRC) server as an IRC bot. It then listens for certain commands coming from a malicious user.
It also steals CD keys of popular game applications.
It runs on Windows 95, 98, ME, NT, 2000, and XP.
For additional information about this threat, see:
Solution
Technical Details
Description created: Oct. 26, 2004 11:38:58 PM GMT -0800
Description updated: Oct. 27, 2004 12:00:31 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
