Nume:JS/Yamanner
Descoperit pe data de:13/06/2006
Tip:Vierme
ITW:Nu
Numar infectii raportate:Scazut
Potential de raspandire:Mediu
Potential de distrugere:Scazut spre mediu
Fisier static:Nu
Marime:~6.300 Bytes
Versiune VDF:6.35.00.19
Versiune IVDF:6.35.00.25 - Mittwoch, 14. Juni 2006

 General Metoda de raspandire:
   • Email


Alias:
   •  Symantec: JS.Yamanner@m
   •  Mcafee: JS/Yamanner@MM
   •  TrendMicro: JS_YAMANER.A


Sistem de operare:
   • Windows 95
   • Windows 98
   • Windows 98 SE
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003




   Description:

   This malicious script exploits a recently discovered vulnerability in the Yahoo! web-based email service in order to perform its routine.

   When an email containing this malware is opened, the malicious JavaScript will automatically send email messages to several random addresses contained in the user's contacts list.

   Afterwards, the collected email addresses are uploaded on a site contained in the body of the malware.

 Email Catre:
Destinatarii mesajului sunt:
   • %adrese de email culese din sistem%@yahoo.com
   • %adrese de email culese din sistem%@yahoogroups.com


Subiect:
Urmatorul:
   • New Graphic Site



Corpul email-ului:
Corpul email-ului este unul din textele:

   • This is test.
     Note: forwarded message attached.

   • Note: forwarded message attached.

 Backdoor Servere contactate:

   • http://www.av3.net/**********

Astfel se pot transmite informatii.

Trimte informatii despre:
    • Adresele de email colectate

Die Beschreibung wurde erstellt von Andrei Gherman am Dienstag, 13. Juni 2006
Die Beschreibung wurde geändert von Andrei Gherman am Dienstag, 13. Juni 2006

zurück . . . .