Besoin d’aide ? Fais appel à la communauté ou embauche un spécialiste.
Aller à Avira Answers
Date discovered:14/08/2013
In the wild:No
Reported Infections:Medium
Distribution Potential:Low
Damage Potential:Low
Static file:No
VDF version: - Wednesday, August 14, 2013
IVDF version: - Wednesday, August 14, 2013

 General Method of propagation:
   • No own spreading routine

   •  Eset: VBS/Agent.NDE.worm

Platforms / OS:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
   • Can be used to execute malicious code
   • Downloads a malicious file

 Registry One of the following values is added in order to run the process after reboot:

–  [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   • "sample"=""wscript.exe //B "%appdata%\sample.vbs"""

 Miscellaneous Internet connection:
In order to check for its internet connection the following DNS server is contacted:
   • penter**********

 File details Programming language:
The malware program was written in Visual Basic.

Description insérée par Soe-liang Tan le vendredi 16 août 2013
Description mise à jour par Wensin Lee le vendredi 16 août 2013

Retour . . . .