I-Worm.Pandem
2008-02-23 09:23:03来源:互联网 阅读 ()
病毒名称:
I-Worm.Pandem
类别: 蠕虫病毒
病毒资料:
破坏方法:
这是一个蠕虫病毒,假冒w32_pandemonium@katamail.com发信。
创建一个线程监听TCP 61282 端口,接收远程控制命令。
1.邮件标题为
W32/PANDEMONIUM's Report
或 Wonderful!
2.邮件正文为
Take a look to the attachment, it's fantastic!
X-MimeOLE: ProdUCed By Microsoft MimeOLE V5.00.2919.6700
Importance: High
X-Mailer: Microsoft Outlook, Build 10.0.2627
X-MSMail-Priority: High
X-Priority: 1 (Highest)
3.附件为
spoofer.zip 或 spoofer.exe
4.病毒试图拷贝自己为下列文件
c:\program files\gnucleus\downloads\incoming
\Hotmail Hack.exe
c:\program files\gnucleus\downloads
\Hotmail Hack.exe
c:\program files\KMD\my shared folder
\Hotmail Hack.exe
c:\program files\BearShare\Shared
\Hotmail Hack.exe
c:\program files\KaZaa Lite\My Shared Folder
\Hotmail Hack.exe
c:\program files\KaZaa\My Shared Folder
\Hotmail Hack.exe
c:\program files\Morpheus\my shared folder
\Hotmail Hack.exe
c:\program files\eDonkey2000\incoming
\Hotmail Hack.exe
c:\program files\direct connect\received files
\Hotmail Hack.exe
c:\program files\grokster\my grokster
\Hotmail Hack.exe
c:\program files\limeWire\shared
\Hotmail Hack.exe
c:\program files\gnucleus\downloads\incoming
\Norton keygen-All vers.exe
c:\program files\icq\shared files
\Hotmail Hack.exe
c:\program files\gnucleus\downloads
\Norton keygen-All vers.exe
c:\program files\KMD\my shared folder
\Norton keygen-All vers.exe
c:\program files\BearShare\Shared
\Norton keygen-All vers.exe
c:\program files\KaZaa Lite\My Shared Folder
\Norton keygen-All vers.exe
c:\program files\KaZaa\My Shared Folder
\Norton keygen-All vers.exe
c:\program files\Morpheus\my shared folder
\Norton keygen-All vers.exe
c:\program files\eDonkey2000\incoming
\Norton keygen-All vers.exe
c:\program files\direct connect\received files
\Norton keygen-All vers.exe
c:\program files\grokster\my grokster
\Norton keygen-All vers.exe
c:\program files\limeWire\shared
\Norton keygen-All vers.exe
c:\program files\gnucleus\downloads\incoming
\Hacker.scr
c:\program files\icq\shared files
\Norton keygen-All vers.exe
c:\program files\gnucleus\downloads
\Hacker.scr
c:\program files\KMD\my shared folder
\Hacker.scr
c:\program files\BearShare\Shared\Hacker.scr
c:\program files\KaZaa Lite\My Shared Folder\Hacker.scr
c:\program files\KaZaa\My Shared Folder
\Hacker.scr
c:\program files\Morpheus\my shared folder
\Hacker.scr
c:\program files\eDonkey2000\incoming\Hacker.scr
c:\program files\direct connect\received files\Hacker.scr
c:\program files\grokster\my grokster\Hacker.scr
c:\program files\limeWire\shared\Hacker.scr
c:\program files\gnucleus\downloads\incoming
\credit card.exe
c:\program files\icq\shared files\Hacker.scr
c:\program files\gnucleus\downloads
\credit card.exe
c:\program files\KMD\my shared folder
\credit card.exe
c:\program files\BearShare\Shared\credit card.exe
c:\program files\KaZaa Lite\My Shared Folder
\credit card.exe
c:\program files\KaZaa\My Shared Folder
\credit card.exe
c:\program files\Morpheus\my shared folder
\credit card.exe
c:\program files\eDonkey2000\incoming
\credit card.exe
c:\program files\direct connect\received files
\credit card.exe
c:\program files\grokster\my grokster
\credit card.exe
c:\program files\limeWire\shared\credit card.exe
c:\program files\gnucleus\downloads\incoming
\Microsoft Nuker 2003.exe
c:\program files\icq\shared files\credit card.exe
标签:
版权申明:本站文章部分自网络,如有侵权,请联系:west999com@outlook.com
特别注意:本站所有转载文章言论不代表本站观点,本站所提供的摄影照片,插画,设计作品,如需使用,请与原作者联系,版权归原作者所有
上一篇:I-Worm.Zokrim.j
下一篇:I-Worm.Zokrim.f
IDC资讯: 主机资讯 注册资讯 托管资讯 vps资讯 网站建设
网站运营: 建站经验 策划盈利 搜索优化 网站推广 免费资源
网络编程: Asp.Net编程 Asp编程 Php编程 Xml编程 Access Mssql Mysql 其它
服务器技术: Web服务器 Ftp服务器 Mail服务器 Dns服务器 安全防护
软件技巧: 其它软件 Word Excel Powerpoint Ghost Vista QQ空间 QQ FlashGet 迅雷
网页制作: FrontPages Dreamweaver Javascript css photoshop fireworks Flash
