Shipoftheline
Banned
Just to let those who arn't aware a new virus is doing the rounds which you should be aware of
Technical Details
This network worm infects computers running Windows. It propagates via the LSASS vulnerability, details of which can be found MS04-011here.
The worm also propagtes via the Internet as an attachment to infected emails. It sends itself to all email addresses harvested from the victim machine.
In terms of functionality, this version is almost identical to Mytob.a, differing from it only in the following ways:
Mytob.c is approximately 49KB in size, packed using UPX. The unpacked file is approximately 98KB in size.
Instead of creating a file named %System%\msnmsgr.exe, Mytob.c creates a file named %System%\wfdmgr.exe
It registers this file in the system registry:
Code:You don't have permission to view the code content. Log in or register now.