PE_TENGA.A |
|
| BugsAlert Home > PE_TENGA.A | |
|
This virus spreads via network shares. It collects and generates a certain number of octets of a host machine's IP address, then scans the whole network for writable shared folders. It either appends or inserts its code into the .EXE files it finds in all of the infected system's folders. This file infector executes at every system startup if the file it infects has autostart capabilities. Upon execution, it connects to the following Web site to download DL.EXE, which Trend Micro detects as TROJ_TENGADL.A:
The downloaded Trojan, in turn, downloads the file GAELICUM.EXE, which Trend Micro detects as PE_TENGA.A-O. Note that the file may vary anytime. As of this writing, the file is detected by Trend Micro as WORM_RBOT.GAE. Original Source: http://feeds.trendmicro.com/~r/MalwareTop10/~3/169122400/default5.asp Learn more about PE_TENGA.A |
|
| Tags: tenga.a | |
Related Items |
|
|
FrSIRT - Ruby REXML Library Entities Handling Denial of Service Vulnerability
|
|
|
Virgin PC Guard
|
|
|
TROJ_AGENT.AYZO
|
|
|
Vuln: BabbleBoard 'username' HTML Injection Vulnerability
|
|
|
CVE-2008-4749 (vimp_x)
|
|
|
MS07-064 ? Critical: Vulnerabilities in DirectX Could Allow Remote Code Execution (941568) - Version:1.1
|
|
|
Softbiz Classifieds Script "msg" Cross-Site Scripting Vulnerability
|
|
