Alias:Worm/Readme
Type:Worm 
Size:24.576 Bytes 
Origin: 
Date:09-06-2001 
Damage:Sent by email. 
VDF Version:6.23.00.00 
Danger:Low 
Distribution:Low 

DistributionIt sends itself by email using Microsoft Outlook. The email sent by the worm has the following structure:
Subject: As per your request!
Body: Please find attached file for your review I lokk forward to hear form your again very soon. Thank you.
Attachment: README.EXE

Technical DetailsW32/Apost is an Internet worm, programmed in Visual Basic 6. If the worm is activated, a window appears indicating a false WinZip error message. When the user clicks on "Aceptar" button, the worm sends itself by email, using Microsoft Outlook Address Book. After sending emails, another window appears.
The worm creates copies of itself in Windows directory and in root directories of the local drives (C:\; D:\; ...) as README.EXE, which has the standard Visual Basic 6 application icon.
The worm makes the following registry entry:
HKCU\Software\Microsoft\Windows\Current Version\Run\macrosoft = %Windows%\Readme.exe
설명 삽입자 Crony Walker   2004년 6월 15일 화요일

뒤로 . . . .

© 2013 Avira Operations GmbH & Co. KG. All rights reserved.

내 계정

https:// 이 창은 보안을 위해 암호화되었습니다.