WORM_GAMARUE.SMJA
March 22, 2016
ALIASES:
Worm:Win32/Gamarue (Microsoft), Trojan.Win32.Agent.ifal (Kaspersky)
PLATFORM:
Windows
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
INFORMATION EXPOSURE:
Threat Type: Worm
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This worm is used to load and execute a file.
TECHNICAL DETAILS
File Size:
Varies
File Type:
DLL
Initial Samples Received Date:
03 Jun 2015
Arrival Details
This malware arrives via the following means:
- Arrives via removable drives
- Dropped component by GAMARUE malware family
- Executed by LNK component of GAMARUE malware family
Other Details
This worm requires the existence of the following files to properly run:
- {removable drive letter}:\IndexerVolumeGuid
It is used to load and execute the following file:
- {removable drive letter}:\IndexerVolumeGuid