Search
Keyword: worm_bropia
Trend Micro has received multiple samples of this worm from multiple, independent sources, including customer reports and internal sources. These indicate that this worm poses a high risk to users
This worm sends messages that contain links to sites hosting remote copies of itself using the instant-messaging (IM) applications Yahoo Messenger and MSN Messenger . It may also send messages
needed during in system bootup. To get a one-glance comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown below. This worm arrives via removable drives. It may be unknowingly
This worm arrives by accessing affected shared networks. It may be dropped by other malware. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies certain registry entries to hide file
This worm arrives via removable drives. It modifies certain registry entries to hide file extensions. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses
This description is based is a compiled analysis of several variants of WORM_PROLACO. Note that specific data such as file names and registry values may vary for each variant. This worm arrives as
This worm arrives via removable drives. It drops copies of itself in all drives. These dropped copies use the names of the folders located on the said drives for their file names. It drops an
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any backdoor routine. It does not have
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses Windows Task Scheduler to create a scheduled task
This worm may be unknowingly downloaded by a user while visiting malicious websites. It drops copies of itself in removable drives. These dropped copies use the names of the folders located on the
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF file to automatically execute the
This Worm arrives as an attachment to email messages mass-mailed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Worm arrives via removable drives. It executes commands from a remote malicious user, effectively compromising the affected system. It retrieves specific information from the affected system. It
This worm arrives via removable drives. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. It connects to Internet Relay
This worm monitors the Internet activities of the infected system to steal user credentials if the user visits websites with certain strings. It attempts to steal user credentials used in the certain
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF file to automatically execute the
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any