Search
Keyword: worm_bropia
This worm uses Windows Task Scheduler to create a scheduled task that executes the dropped copy. It disables Task Manager, Registry Editor, and Folder Options. It drops copies of itself in all
This worm arrives by accessing affected shared networks. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Arrival
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies certain registry entries to hide file
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF file to automatically execute the
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops copies of itself
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm monitors the Internet activities of the infected system to steal user credentials if the user visits websites with certain strings. It attempts to steal user credentials used in the certain
set of URLs containing 250 random sites per day based on the UTC time standard. It blocks access to websites that contain certain strings, which are mostly related to antivirus programs. This Worm
risk to users due to the increased possibility of infection. To get a one-glance comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown below. This worm opens Microsoft Word
This worm drops .LNK files in removable drives that point to a copy of itself. This is done to automatically execute dropped copies when the said drives are accessed. It also uses the names of
This worm sends copies of itself to target recipients using the instant-messaging (IM) application, MSN Messenger . It executes commands from a remote user to connect to malicious sites to download
one-glance comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown below. This worm executes commands from a remote malicious user, effectively compromising the affected system. It
This worm arrives by connecting affected removable drives to a system. Arrival Details This worm arrives by connecting affected removable drives to a system. Installation This worm drops the
This worm arrives by connecting affected removable drives to a system. Arrival Details This worm arrives by connecting affected removable drives to a system. Installation This worm drops the
This worm arrives by connecting affected removable drives to a system. It may be downloaded by other malware/grayware from remote sites. It is injected into all running processes to remain memory
This worm has the ability to mount to virtual disks. Doing so infects virtual environments that are set up on Windows operating systems. To get a one-glance comprehensive view of the behavior of this
If it fails to download the configuration file, this worm downloads a certain file. It saves the downloaded file as %System%\setting.ini . It expects the downloaded configuration file to contain a
This worm arrives as attachment to mass-mailed email messages. It arrives via removable drives. It adds registry entries to enable its automatic execution at every system startup. It drops an
This worm arrives as attachment to mass-mailed email messages. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It adds registry