The worm's file is a PE executable file bytes long. K is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses it finds when scanning hard drives and mapped drives. The "sender" of the email is spoofed, and its subject, message body, and attachment vary.
The attachment has a. This threat is compressed with tElock. L is a mass-mailing worm that is a stripped-down version, just containing a minimum set of features and with no comments on the ongoing virus war.
M is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer.
N is a mass-mailing worm that upon execution the worm copies itself to the Windows System Directory with the filename 'VisualGuard. The worm is similar to its predecessors in the family. The only major difference is that a fake note claiming the message to be virus-free is added to the infected messages. The worm removes several registry values that belong to other worms. O is a mass-mailing worm that uses four different fake antivirus scanner messages mentioning four different major antivirus companies including F-Secure.
P is a mass-mailing worm that sends itself to email addresses it gathers from certain files on the system. The worm also tries to spread itself via various file-sharing methods by copying itself into directories using enticing filenames. P variant has the ability to infect a computer from the preview pane, similar to Nimda and it deletes registry keys that Mydoom and its variants use to infect and deliver their payloads.
Q is a mass-mailing worm that spreads in an email using different exploits and social engineering. Q performs a DDoS against several websites and makes the infected computers beep randomly. R is a mass-mailing worm that uses its own SMTP engine to send itself to all email addresses it gathers from certain files on the system.
It's a stripped-down version of NetSky. R performs a DDoS against several websites. S is a mass-mailing worm that has a limited set of features comparing to previous ones. It does not spread to local network and P2P and does not uninstall Bagle worm. The worm has a backdoor that listens on port Some of the worm's text strings are encrypted. T is a mass-mailing worm that targets computers running certain versions of Microsoft Windows.
The worm is activated when a user opens the attachment that contains the worm. The worm also contains a backdoor and performs a denial of service DoS attacks against certain websites. This worm functions in exactly the same manner as Netsky. U is a mass-mailing worm that contains backdoor functionality and may perform a Denial of Service DoS attack against predetermined Web sites.
Some of the worm's text strings are scrambled. V is a mass-mailing worm that sends itself to the email addresses that it gathers from the files on the computer. This variant does not send an attachment with its email messages, but instead sends a link to an infected computer, attempting to download and run the worm's executable. From the line of the email is spoofed, and the Subject line and message body vary. Products for home. Save on Surface Score incredible deals on select Surface devices for every activity.
Join now Compare all plans. Xbox Series S Next-gen performance in the smallest Xbox ever. Do more with Windows Shop tablets, laptops, all-in-ones, gaming PCs, and more. Find your next PC. For business. New Surface Pro 8 for Business Get unprecedented levels of performance and versatility on a inch screen. Shop now Shop Enterprise. Q first appeared on Monday and is spreading on the Internet. It is the 17th variant of the worm to be released since Netsky first appeared in February, antivirus companies said.
The Q variant arrives in e-mail file attachments with. Netsky also tries to exploit a long-patched Microsoft Corp. Q messages are disguised to look like returned e-mail error messages that might be generated by a company's e-mail servers. Like earlier versions of Netsky, the new version installs itself on Windows machines when the file attachment is opened. It also combs the infected machine's hard drive and harvests e-mail addresses from a variety of file types.
Computers infected with the new worm variant are also programmed to launch a denial of service attack on a number of P-to-P and pirated software Web sites including www. A message buried in the worm's code may explain the programmed attacks on P-to-P networks. In the message, the Netsky author or authors claim to represent a benevolent group called "SkyNet Antivirus Team" based in "Russia" and draw distinctions between their creation and other worms that open back doors on infected computers that can be used to relay spam message or facilitate future hacking.
0コメント