WORM_SOHANAD.AS |
|
| BugsAlert Home > WORM_SOHANAD.AS | |
|
This worm arrives either as a file downloaded from remote sites by other malware. It can also be downloaded unknowingly by a user when visiting malicious Web sites. It drops copies of itself. It also drops a certain file. It disables Task Manager. It does the said routine to avoid termination from the affected system's memory. It attempts to connect to certain URLs to download possibly maliciois files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It creates a scheduled task to execute its dropped copies. It then uses Windows Task Scheduler to create the following scheduled task that automatically executes at 9 o'clock everyday:
Original Source: http://feeds.trendmicro.com/~r/MalwareTop10/~3/191910774/default5.asp Learn more about WORM_SOHANAD.AS |
|
| Tags: worm sohanad.as | |
Related Items |
|
|
FrSIRT - Ubuntu Security Update Fixes gstreamer-plugins-good Vulnerability
|
|
|
FrSIRT - GNU Emacs vcdiff Insecure Temporary File Creation Vulnerability
|
|
|
Vuln: Linux Kernel 'fcntl_setlk()' SMP Ordering Local Denial of Service Vulnerability
|
|
|
CVE-2008-0808 (Ikiwiki)
|
|
|
TROJ_RENOS.ACQ
|
|
|
Microsoft Security Advisory (954960): Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates
|
|
|
FrSIRT - Python Multiple Module Buffer and Integer Overflow Vulnerabilities
|
|
