Home / malwarePDF  


First posted on 22 February 2020.
Source: Microsoft

Aliases :

Worm:Win32/Brontok.AR@mm is also known as Win32/Brontok.worm.Gen, W32/Brontok.F@mm, I-Worm/VB.GC, Win32.Worm.Rontok.F, Win32/Brontok, Email-Worm.Win32.Brontok.q, W32/Rontokbro.gen@MM, W32/Rontokbro.Y@mm, W32/Brontok.H.worm, W32/Brontok-E, Email-Worm.Win32.Brontok.a, W32.Rontokbro@mm, WORM_BRONTOK.HY, I-Worm.Brontok.R.

Explanation :

Worm:Win32/Brontok.AR@mm is detection for a group of variants of the Win32/Brontok worm family.  This worm spreads by sending a copy of itself as an e-mail attachment to e-mail addresses that it gathers from files on the infected computer. It can also copy itself to USB and pen drives. Win32/Brontok can disable antivirus and security software, immediately terminate certain applications, and cause Windows to restart immediately when certain applications run. The worm may also conduct denial of service (DoS) attacks against certain Web sites. For more details about the Win32/Brontok family, visit this link: http://www.microsoft.com/security/portal/Entry.aspx?name=Worm:Win32/Brontok@mm  Analysis by Josh Phillips

Last update 22 February 2020