SecurityHome.eu Virus:Win32/Ramnit.Z

Home / malware PDF

Virus:Win32/Ramnit.Z

First posted on 31 July 2012.
Source: Microsoft
Aliases :
Virus:Win32/Ramnit.Z is also known as Win32/Ramnit.T (ESET), PE_RAMNIT.EVL (Trend Micro), Virus.Win32.Ramnit (Ikarus), W32/Ramnit.ABUY (Norman), W32/Ramnit.I (McAfee), Win32.Rmnet.16 (Dr.Web), W32/Ramnit.Q (Command), W32/Ramnit-BD (Sophos).
Explanation :

Virus:Win32/Ramnit.Z is a virus that infects Windows executable (program) files, Microsoft Office files and HTML files. This malware drops and runs other malware, which may be detected as Trojan:Win32/Ramnit.

Virus:Win32/Ramnit.Z is a member of the Win32/Ramnit family.

When run, Virus:Win32/Ramnit.Z, drops and launches malware with a random file name without any extension into the same folder, for example "MCO9e23", which may be detected as Trojan:Win32/Ramnit.

The dropped file has been observed infecting Windows executable (program) files, Microsoft Office files and HTML files.

Virus:Win32/Ramnit.Z creates a mutex name that is generated using the volume and serial number of the system drive.

Related encyclopedia entries

Trojan:Win32/Ramnit

Win32/Ramnit

Analysis by Edgardo Diaz

Last update 31 July 2012

TOP

Malware :

Last 20

Virus:Win32/Ramnit.Z

Aliases :

Explanation :

Malware :

Family: