Search
Keyword: worm_rbot.qp
This worm attempts to connect to certain URLs. Once a connection is established, it waits for commands from the remote user. This worm arrives via removable drives. It may be unknowingly downloaded
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It employs registry shell
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF file to automatically execute the
This worm is capable of backdoor commands. Depending on the commands received from the server, it may terminate processes related to security. It may also modify the contents of %System%\drivers\etc
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It creates folders in all physical and removable drives.
This worm connects to a server and waits for commands coming from a remote user. Once connected, it may perform various routines. This worm arrives by connecting affected removable drives to a
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops copies of itself
This worm arrives by connecting affected removable drives to a system. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system.
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF file to automatically execute the
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF file to automatically execute the
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops copies of itself in all removable drives. It
commands. It also connects to a URL in order to listen for these commands as well. This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward. It modifies
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
This worm is capable of monitoring the browsing activities of the affected computer and logs all information related to finance-related websites containing certain strings. It also collects
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
indicates it is being monitored or tested. Installation This worm drops the following file(s)/component(s): %User Temp%\removeMe{4 numbers}.bat (Note: %User Temp% is the current user's Temp folder, which is