|
Description:
This memory-resident worm spreads via network shares. It attempts to drop a copy of itself in a list of default shares. If these shares are password-protected, it uses a list of user names and passwords to gain access.
It also has backdoor capabilities. It opens random ports and acts as an Internet Relay Chat (IRC) bot. It then connects to an IRC server and joins a channel, where it listens for commands from a remote malicious user. It executes these commands locally on an affected system, providing the remote user virtual control over the system.
This worm also attempts to steal the CD key of the game Battlefield 2.
For additional information about this threat, see:
Solution
Technical Details
Description created: Jul. 11, 2005 9:40:30 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
