WORM_ZHELATI.BHA |
|
| BugsAlert Home > WORM_ZHELATI.BHA | |
|
This worm arrives as attachment to email messages spammed by another malware or a malicious user. It can also be dropped by other malware. Upon execution, this worm drops a copy of itself. It then creates a registry entry to enable its automatic execution at every system startup. This worm propagates by sending email messages containing a link, which redirect users to a malicious Web site where a copy of itself can be downloaded. It uses its own Simple Mail Transfer Protocol (SMTP) engine to send the email. Having its own SMTP engine allows it to send messages without using any mailing application, such as Microsoft Outlook. This worm gathers target email addresses from files with certain file name extensions. However, it avoids sending email messages to addresses containing certain strings. Original Source: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_ZHELATI.BHA Learn more about WORM_ZHELATI.BHA |
|
| Tags: worm zhelati.bha | |
Related Items |
|
|
Fedora update for pcre
|
|
|
BosClassifieds Classified Ads System "returnTo" Cross-Site Scripting
|
|
|
Another Fraudulent Trend Micro Site Appears
|
|
|
Gentoo update for dhcp
|
|
|
Alkacon OpenCms logfileViewSettings.jsp XSS, file disclosure
|
|
|
CVE-2008-3708 (dotcms)
|
|
|
CVE-2008-1190 (JRE, JDK)
|
|
