WORM_SOCKS.D |
|
| BugsAlert Home > WORM_SOCKS.D | |
|
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
Malware Overview This worm arrives via email messages spammed by another malware or by a malicious user. It may also be dropped by other malware. Instead of attaching copies of itself to email messages, this worm asks users to click a link in the message. This is an effective way for it to bypass email applications that scan for malicious attachments. When a user clicks the said link, this worm connects to certain Web sites to download a copy of itself. This worm drops copies of itself. It creates registry entries to enable its automatic execution at every system startup. It also modifies a registry entry to enable its automatic execution at every system startup. This worm propagates by sending email messages containing a link, which when clicked, redirects users to a malicious Web site where a copy of this worm is downloaded. Original Source: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SOCKS.D Learn more about WORM_SOCKS.D |
|
| Tags: worm socks.d | |
Related Items |
|
|
VUPEN - Avaya Products Net-SNMP GETBULK Denial of Service Vulnerability
|
|
|
CVE-2008-3951 (agent_zone)
|
|
|
Checkpoint VPN-1 Information Disclosure Vulnerability
|
|
|
Google Web Toolkit Benchmark Reporting System Cross Site Scripting
|
|
|
MS08-077 - Important: Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175)
|
|
|
FrSIRT - Avaya Communication Manager Information Disclosure Vulnerability
|
|
|
WORM_NETSKY.DAM
|
|
