|
|
|
|
|||||||
| Forums | Portal | Register | Forum Rules | FAQ | Contribute | Members List | Arcade | Search | Today's Posts | Mark Forums Read |
| Malware Advisories (RSS) Malware Security Advisories Via RSS |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Worm_onlineg.snl | iBot | Malware Advisories (RSS) | 0 | 07-23-2008 04:20 AM |
| Worm_onlineg.xdz | iBot | Malware Advisories (RSS) | 0 | 07-18-2008 04:00 AM |
| Worm_onlineg.yiw | iBot | Malware Advisories (RSS) | 0 | 07-14-2008 08:40 AM |
| Worm_onlineg.ugx | iBot | Malware Advisories (RSS) | 0 | 07-08-2008 04:40 AM |
| Worm_onlineg.djo | iBot | Malware Advisories (RSS) | 0 | 01-30-2008 04:00 PM |
 |
|
|
Submit Tools | LinkBack | Thread Tools | Search this Thread | Display Modes |
|
#1
07-24-2008
|
||||
|
||||
|
Worm_onlineg.tty
This worm may either be dropped or downloaded from remote sites by other malware.
Upon execution, it drops a copy of itself, a DLL component, and a non-malicious file in the system. It also creates a new folder.It modifies the system registry such that its automatic execution at every system startup is enabled. Also through system registry modification, it hides files with both System and Read-only attributes. This worm propagates via physical and removable drives. It drops an AUTORUN.INF file to automatically execute dropped copies when the drives are accessed. As part of its routine, this worm drops CRYP_XED-6 and TSPY_ONLINEG.BWN as its components. As a result, malicious routines of the dropped files are exhibited on the affected system. More... 
|
||||
| Google The UNIX and Linux Forums |
| Forum Sponsor | ||
|
|
Linear Mode
