PE_LOOKED.FZ
October 09, 2012
PLATFORM:
Windows 2000, Windows XP, Windows Server 2003
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
Threat Type: File infector
Destructiveness: No
Encrypted: No
In the wild: Yes
OVERVIEW
This file infector infects by appending its code to target host files.
TECHNICAL DETAILS
File Size: Varies
File Type: EXE
Memory Resident: Yes
Initial Samples Received Date: 05 Mar 2009
Installation
This file infector drops the following copies of itself into the affected system:
- %Windows%\Logo1_.exe
(Note: %Windows% is the Windows folder, which is usually C:\Windows or C:\WINNT.)
It drops the following files:
- %Windows%\Dll.dll
- %Windows%\rundl132.exe
(Note: %Windows% is the Windows folder, which is usually C:\Windows or C:\WINNT.)
File Infection
This file infector infects by appending its code to target host files.
NOTES:
This malware drops the file _desktop.INI in all folders found in the system.