WORM_NUWAR.UL |
|
| BugsAlert Home > WORM_NUWAR.UL | |
|
This worm may be downloaded from remote sites by other malware. It may be dropped by other malware. It may also be downloaded unknowingly by a user when visiting malicious Web sites. It drops a copy of itself. It also drops a component. It registers itself as a system service to ensure its automatic execution at every system startup. It does this by creating a registry key It gathers target email addresses from files with certain file name extensions. It avoids sending email messages to addresses containing certain strings. This worm uses its own Simple Mail Transfer Protocol (SMTP) engine to send the email. Having its own SMTP engine allows it to send messages without using any mailing application, such as Microsoft Outlook. It then uses the Gmail and Yahoo! Mail addresses it has gathered to spoof the From field of the email message it sends out. Original Source: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_NUWAR.UL Learn more about WORM_NUWAR.UL |
|
| Tags: worm nuwar.ul | |
Related Items |
|
|
Virgin PC Guard
|
|
|
FrSIRT - Debian Security Update Fixes Libxslt Code Execution Vulnerability
|
|
|
CVE-2008-4983 (scilab-bin)
|
|
|
Red Hat update for java-1.4.2-bea
|
|
|
FrSIRT - Redhat Security Update Fixes Acroread Code Execution Vulnerabilities
|
|
|
Is there no MVP to answer this??
|
|
|
Claws Mail sylprint.pl Insecure Temporary Files
|
|
