SecurityHome.eu Win32.Melare.A@mm

Home / malware PDF

Win32.Melare.A@mm

First posted on 21 November 2011.
Source: BitDefender
Aliases :
Win32.Melare.A@mm is also known as N/A.
Explanation :
Win32.Melare.A@mm was written in Visual Basic 6 and compressed with UPX. It spreads by sending a large number of emails to the user's contacts. It uses Outlook to spread.

The emails it sends look like this:

Subject: Alert! SARS Is being Spread!
Body: Hi!, This is a beta test SARS. Please check an attachment!
Attachment: a.exe

When run, the virus will drop a copy in the Windows folder, named csrss.EXE and create the registry entry above in order for it to be run at start-up. It will then send the emails in the format described above.
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20