Precisa de ajuda? Peça à comunidade ou contrate um perito.
Acesse a Avira Answers
Date discovered:20/08/2010
In the wild:Yes
Reported Infections:Low to medium
Distribution Potential:Low to medium
Damage Potential:Low to medium
Static file:Yes
File size:151.552 Bytes
MD5 checksum:eb705dcc0aa25f73d45aca7e48de03e6
VDF version:
IVDF version: - Friday, August 20, 2010

 General Methods of propagation:
    Autorun feature
   • Local network

   •  Bitdefender: Worm.Generic.268425
   •  Panda: W32/Slenfbot.AD
   •  Eset: Win32/AutoRun.IRCBot.DZ

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003

Side effects:
   • Drops malicious files

 Files It copies itself to the following location:
   • %drive%\apdlgmdi.exe

The following file is created:

%drive%\autorun.inf This is a non malicious text file with the following content:
   • %code that runs malware%

 Messenger It is spreading via Messenger. The characteristics are described below:


 Network Infection In order to ensure its propagation the malware attemps to connect to other machines as described below.

It makes use of the following Exploits:
– MS04-007 (ASN.1 Vulnerability)
 MS06-040 (Vulnerability in Server Service)

 Miscellaneous  Checks for an internet connection by contacting the following web site:
Accesses internet resources:

 File details Runtime packer:
In order to aggravate detection and reduce size of the file it is packed with a runtime packer.

Descrição enviada por Petre Galan em terça-feira, 18 de janeiro de 2011
Descrição atualizada por Petre Galan em terça-feira, 18 de janeiro de 2011

Voltar . . . .
https:// Esta janela é criptografada para sua segurança.