Und3ertak3r
July 15th, 2003, 01:52 PM
Hi Guys,
been a bit slack.. here is a recent Cat 2 listing from symantec (http://securityresponse.symantec.com/avcenter/venc/data/w32.lohack.b.worm.html) ...
Wild: Low
Damage: Low
Distribution: High
This means low occurance in the wild, but has the potential for greatnes..
W32.Lohack.B.Worm is a worm that attempts to spread itself through file-sharing networks. It also attempts to mass mail itself to all the contacts in the Windows Address Book. The email will have a variable subject and attachment name. The attachment will have a .exe or .scr file extension.
The worm uses an internal SMTP client engine. In addition, W32.Lohack.B.Worm is a network-aware worm. It is a Visual Basic application that is compiled to native code and is packed with UPX v1.23.
Type: Worm
Infection Length: 47,132 bytes
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me
Systems Not Affected: Microsoft IIS, Macintosh, OS/2, UNIX, Linux
BTW: another reason to be aware of the files downloaded on P2P networks..
Haven't checked Sophos, McAfee, Panda, KAV, etc for their reports.. or naming..
Cheers
been a bit slack.. here is a recent Cat 2 listing from symantec (http://securityresponse.symantec.com/avcenter/venc/data/w32.lohack.b.worm.html) ...
Wild: Low
Damage: Low
Distribution: High
This means low occurance in the wild, but has the potential for greatnes..
W32.Lohack.B.Worm is a worm that attempts to spread itself through file-sharing networks. It also attempts to mass mail itself to all the contacts in the Windows Address Book. The email will have a variable subject and attachment name. The attachment will have a .exe or .scr file extension.
The worm uses an internal SMTP client engine. In addition, W32.Lohack.B.Worm is a network-aware worm. It is a Visual Basic application that is compiled to native code and is packed with UPX v1.23.
Type: Worm
Infection Length: 47,132 bytes
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me
Systems Not Affected: Microsoft IIS, Macintosh, OS/2, UNIX, Linux
BTW: another reason to be aware of the files downloaded on P2P networks..
Haven't checked Sophos, McAfee, Panda, KAV, etc for their reports.. or naming..
Cheers