Description:
This worm usually arrives on a system as a file dropped by other malware.
Upon execution, it drops a copy of itself as ADOBER.EXE in the Windows folder.
It also creates a file named ADOBER.EXE.LOG in the folder where this worm executes.
It propagates by dropping a legitimate Microsoft file, as well a copy of itself, in all removable drives.
Using a random TCP port, it allows a remote malicious user to connect to the affected system and execute several commands. The said routine provides the remote user virtual control over the affected system, thus compromising system security.
This worm is capable of stealing IP addresses. It saves the gathered information in the .LOG file mentioned earlier, then sends the said file to certain URLs.
For additional information about this threat, see:
Solution
Technical Details
Description created: Nov. 21, 2006 7:59:02 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
