登录
欢迎您,
Language:
简体中文
English
Deutsch
Français
Español
Italiano
Nederlands
Português
Türkçe
Русский
日本語
简体中文
繁體中文
한국어
欲了解有关我们公司和产品的更多信息,
请访问我们的全球网站
。
个人及家庭防护
企业信息安全
技术支持
联系我们
Search
总结
完整说明
统计数据
Alias:
Worm/Readme
Type:
Worm
Size:
24.576 Bytes
Origin:
Date:
09-06-2001
Damage:
Sent by email.
VDF Version:
6.23.00.00
Danger:
Low
Distribution:
Low
Distribution
It sends itself by email using Microsoft Outlook. The email sent by the worm has the following structure:
Subject: As per your request!
Body: Please find attached file for your review I lokk forward to hear form your again very soon. Thank you.
Attachment: README.EXE
Technical Details
W32/Apost is an Internet worm, programmed in Visual Basic 6. If the worm is activated, a window appears indicating a false WinZip error message. When the user clicks on "Aceptar" button, the worm sends itself by email, using Microsoft Outlook Address Book. After sending emails, another window appears.
The worm creates copies of itself in Windows directory and in root directories of the local drives (C:\; D:\; ...) as README.EXE, which has the standard Visual Basic 6 application icon.
The worm makes the following registry entry:
HKCU\Software\Microsoft\Windows\Current Version\Run\macrosoft = %Windows%\Readme.exe
说明添加者: Crony Walker 打开 2004年6月15日星期二
反馈
.
.
.
.
我的帐户
https
://
为了你的安全,此窗口已加密。
登录
忘记密码
重置密码
我的个人资料
产品
付款历史记录
通知
密码重置
联系我们
注销
