SecurityHome.eu Win32.Msblast.F

Home / malware PDF

Win32.Msblast.F

First posted on 21 November 2011.
Source: BitDefender
Aliases :
Win32.Msblast.F is also known as Win32.Msblast.A, W32.Blaster.Worm, (NAV.
Explanation :
It is a modified variant of Win32.Msblast.A, the only difference being some text strings:

Spreading file is %SYSTEM%enbiei.exe (e.g. C:WindowsSystem32)
Target registry key is:

[HKLMSoftwareMicrosoftWindowsCurrentVersionRun\www.hidro.4t.com]

Unused strings are now:
Nu datzi la f***ultatea de ***!!! Pierdetzi timpul degeaba...
*** te cheama pensia!!!Ma *** pe diploma!!!!!!

The DDoS attack now is targeted to tuiasi.ro
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20