Search
Keyword: worm_rbot.qp
comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown below. This worm is capable of propagating in a local network when an infected machine is found in the said network. It also
This worm arrives as attachment to mass-mailed email messages. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It
This worm arrives as attachment to mass-mailed email messages. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It
This description is based on the compiled analysis of several variants of WORM_VBNA. Note that specific data such as file names and registry values may vary for each variant. This worm arrives by
This worm arrives via removable drives. It may be dropped by other malware. It modifies registry entries to disable various system services. This action prevents most of the system functions to be
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm uses Remote Desktop Protocol (RDP) for its propagation routines. To get a one-glance comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown below. This worm
This worm uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it makes use of of
This worm arrives as attachment to mass-mailed email messages. It deletes autostart registry entries associated with the processes it terminates to completely disable applications. It gathers target
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This worm is not capable of exploiting any known vulnerability on the system. This worm arrives via removable drives. It may be downloaded by other malware/grayware/spyware from remote sites. It may
This Worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
This Worm arrives as an attachment to email messages mass-mailed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from
This worm arrives by connecting affected removable drives to a system. It arrives by accessing affected shared networks. It arrives on a system as a file dropped by other malware or as a file
This worm arrives by connecting affected removable drives to a system. It arrives by accessing affected shared networks. It arrives on a system as a file dropped by other malware or as a file
set of URLs containing 250 random sites per day based on the UTC time standard. It blocks access to websites that contain certain strings, which are mostly related to antivirus programs. This Worm
This worm arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives via peer-to-peer (P2P) shares. It arrives via removable drives. It arrives on a
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file