Search
Keyword: worm_bropia
This worm uses Remote Desktop Protocol (RDP) for its propagation routines. This worm registers ntshrui.dll (copy of clb.dll) as a service by creating the a certain registry. It then adds this service
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. The dropped file is injected in all running processes. It
This Worm arrives as attachment to mass-mailed email messages. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm attempts to steal user credentials, such as user names and passwords, related to online games. It does this by monitoring processes/services in the memory that contains certain strings. It
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm checks if Mozilla Thunderbird is installed in the affected system. It checks for the SMTP server used by this application by checking the file prefs.js and use it to send email messages
This worm arrives as attachment to mass-mailed email messages. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It drops an
This worm arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It may also compose messages that can be part of its spamming routine. It executes
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm executes the files it drops, prompting the affected system to exhibit the malicious routines they contain. Arrival Details This worm may arrive via network shares. Installation This worm
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm may be dropped by other malware. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Arrival Details This worm
This worm attempts to steal user credentials, such as user names and passwords, that are related to online games. It does this by monitoring processes/services in the memory that contains certain
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses Windows Task Scheduler to create a scheduled task
This worm exploits a vulnerability in Server service that, when exploited, allows a remote user to execute arbitrary code on the infected system in order to propagate across networks. To get a
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder