|
Description:
This worm spreads by dropping a copy of itself in the shared folder IPC$.
It also takes advantage of the Microsoft Windows Plug and Play vulnerability to propagate across networks. For more information regarding this vulnerability, please refer to the following Microsoft Web page:
This worm has backdoor capabilities. It opens a random port and acts as an Internet Relay Chat (IRC) bot, which connects to a remote IRC server. It then joins a specific IRC channel, where it listens for commands coming from a remote malicious user.
As part of its backdoor capabilities, this worm also performs distributed denial of service flood attacks.
For additional information about this threat, see:
Solution
Technical Details
Description created: Aug. 16, 2005 7:23:15 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
