CENTER.HU groups
CENTER.HU address

User:

Guest

www.center.hu / Archive / Security news / january, 2004 / W32.Dumaru.Y@mm 

W32.Dumaru.Y@mm

W32.Dumaru.Y@mm

Discovered on: January 23, 2004
Last Updated on: January 24, 2004 05:55:32 PM


W32.Dumaru.Y@mm is a multi-threaded, mass-mailing worm that opens a backdoor, runs a keylogger, and attempts to steal personal information. It is very similar to W32.Dumaru.M@mm.

It uses its own SMTP engine to spread to email addresses that it finds in files on the infected system. The email has the following characteristics:

From: ˝Elene˝ (censored)
Subject: Important information for you. Read it immediately !
Message:
Hi !
Here is my photo, that you asked for yesterday.
Attachment: myphoto.zip

The attachment is a zip file which contains the worm executable as ˝myphoto.jpg .exe˝. (There are 56 spaces between ˝jpg˝ and ˝.exe˝.)

This worm is packed with FSG.

Variants: W32.Dumaru.M@mm
Type: Worm
Infection Length: 17KB
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Systems Not Affected: DOS, Linux, Macintosh, OS/2, UNIX

 

More information on Symantec Security Response site:
http://securityresponse.symantec.com/avcenter/venc/data/w32.dumaru.y@mm.html

Source: Symantec Corporation
www.symantec.com


 

Back



Copyright © CENTER.HU Ltd, 2000-2010. All rights reserved

sitemap | privacy policy |

copyrights | new pages |

terms of purchase | contact us


PARTNERS: Computerworld.hu | GameStar.hu | PCWorld.hu | SG.hu | PC Guru | Hitel