Search
Keyword: worm_rbot.qp
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops copies of itself
This worm uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it makes use of spam
This worm arrives by accessing affected shared networks. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Arrival
set of URLs containing 250 random sites per day based on the UTC time standard. It blocks access to websites that contain certain strings, which are mostly related to antivirus programs. This Worm
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm monitors the Internet activities of the infected system to steal user credentials if the user visits websites with certain strings. It attempts to steal user credentials used in the certain
This worm arrives by connecting affected removable drives to a system. It may be downloaded by other malware/grayware from remote sites. It is injected into all running processes to remain memory
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies certain registry entries to hide file
This worm has the ability to mount to virtual disks. Doing so infects virtual environments that are set up on Windows operating systems. To get a one-glance comprehensive view of the behavior of this
This worm sends copies of itself to target recipients using the instant-messaging (IM) application, MSN Messenger . It executes commands from a remote user to connect to malicious sites to download
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any backdoor routine. It does not have
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses Windows Task Scheduler to create a scheduled task
risk to users due to the increased possibility of infection. To get a one-glance comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown below. This worm opens Microsoft Word
This worm drops .LNK files in removable drives that point to a copy of itself. This is done to automatically execute dropped copies when the said drives are accessed. It also uses the names of
one-glance comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown below. This worm executes commands from a remote malicious user, effectively compromising the affected system. It
This worm arrives by connecting affected removable drives to a system. Arrival Details This worm arrives by connecting affected removable drives to a system. Installation This worm drops the
This worm arrives by connecting affected removable drives to a system. Arrival Details This worm arrives by connecting affected removable drives to a system. Installation This worm drops the
This worm arrives as attachment to mass-mailed email messages. It arrives via removable drives. It adds registry entries to enable its automatic execution at every system startup. It drops an
This worm arrives as attachment to mass-mailed email messages. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It adds registry