Skip to main content
0
Search products
Search
Mugs
Tees
Hoodies
Search products
Search
Chat
Share
Free Shipping
Menu
Mugs
Tees
Hoodies
Back to urbandictionary.com
Pro Customization
Create unique products with your own words and definitions
Preview
Personalize Your Design
Your Word
Your Definition
This is a mass-mailing worm that arrives in an email message as follows: -The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment. -The message contains Unicode characters and has been sent as a binary attachment. -Mail transaction failed. Partial message is available. From: (spoofed) Subject: (Random) Body: (Varies, such as) The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment. The message contains Unicode characters and has been sent as a binary attachment. Mail transaction failed. Partial message is available. Attachment: (varies .exe, .pif, .cmd, .scr - often arrives in a ZIP archive) (22,528 bytes) When this file is run it copies itself to the local system with [the following] filenames: -c:\Program Files\KaZaA\My Shared Folder\activation_crack.scr -%SysDir%\taskmon.exe -(Where %Sysdir% is [the Windows] System directory, for example C:\WINDOWS\SYSTEM) It also uses a DLL that it creates in [the Windows] System directory: -%SysDir%\shimgapi.dll (4,096 bytes) It creates [the following] registry entry to hook Windows startup: -HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\Run "TaskMon" = %SysDir%\taskmon.exe The worm opens a connection on TCP port 3127 suggesting remote access capabilities Indications of [Infection]: -Upon executing the virus, Notepad is opened, filled with nonsense characters. -Existence of the files and registry entry listed above This file tries to spread via email and by copying itself to the shared directory for Kazaa clients if they are present. The mailing component harvests address from the local system. Files with [the following] [extensions] are targeted: .wab, .adb, .tbb, .dbx, .asp, .php, .sht, .htm, .txt Additionally, the worm contains strings, which it uses to randomly generate, or guess, addresses.
Text may be too long
Save
Cancel
🤖
Shopping Assistant
Online
Hey! 👋 I'm your shopping assistant. What are you looking for?
Ask about products
AI-generated responses. Verify claims.