|
Description:
This worm spreads via network shares. It uses NetBEUI functions to get available lists of user names and passwords. It then searches for the default shared folders, where it drops a copy of itself using the gathered information.
This worm connects to port 6667 (a normal mIRC port) and joins a specific channel where it listens for commands from the remote malicious user.
This worm also steals the Windows Product ID as well as the CD keys of several applications, and obtains the user name of various Messenger applications.
It runs on Windows 95, 98, ME, NT, 2000, and XP.
For additional information about this threat, see:
Solution
Technical Details
Description created: Aug. 31, 2004 11:19:10 PM GMT -0800
Description updated: Aug. 31, 2004 11:45:27 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
