![]() ![]() It uses the following crafted User-Agent when communicating with the remote host: also attempts to steal information from the following:.It monitors network traffic to acquire data from E-mail and FTP accounts using the following strings: %System%\drivers\npf.sys - non-malicious.It also installs WinPcap, a legitimate and commonly used Windows packet capture library, which is used to monitor the infected computer's network activities by dropping and installing the following files: It then sets the attributes of the original folders to Hidden to trick the user into clicking the. ![]() LNK files use the names of the folders located on the said drives for their file names. It drops shortcut files pointing to the copy of itself in removable drives. SonyAgent = "%Windows%\Temp\temp:\game.exe This worm adds the following registry entries to enable its automatic execution at every system startup: (Note: %Windows% is the Windows folder, which is usually C:\Windows.) This worm drops the following copies of itself into the affected system and executes them: It may be downloaded from the following remote sites: This worm may be dropped by the following malware: Compromises system security,, Downloads files, Steals information ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |