病毒名称(中文):
病毒别名:
威胁级别:
★☆☆☆☆
病毒类型:
蠕虫病毒
病毒长度:
37377
影响系统:
Win9xWinNT
病毒行为:
这是一个通过邮件传播的蠕虫病毒,他会搜集用户计算机上的邮箱地址,把自己发送出去.
1.生成文件:
%system%\combo.exe
2.添加启动项,使病毒开机启动:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
combo.exe
"combo.exe"
3.发邮件:
发信人是以下中的随机一个:
"admin@mail.ru"
"admin@hotmail.com"
"admin@gmail.com"
"admin@yandex.ru"
"admin@rambler.ru"
主题是:
HELOlocalhost
收件人为以下名称的随机一个:
"Abrahams"
"Adler"
"Adorno"
"Ellis"
"Ellison"
"Emmanuel"
"Farber"
"Feidelberg"
"Feinberg"
"Feldman"
"Fink"
"Finkel"
"Finkbein"
"Finkelstein"
"Fish"
"Fisch"
"Fishbein"
"Fleischer"
"Fleisher"
"Frankel"
"Freud"
"Fried"
"Friedman"
"Geffen"
"Gelbman"
"Gersh"
"Gershwin"
"Glazer"
"Glickman"
"Glucksman"
"Goldberg"
"Goldenson"
"Goldwyn"
"Gottlieb"
"Gould"
"Gralnick"
"Greenberg"
"Grossman"
"Gruber"
"Grinberg"
"Gunzberg"
"Gysi"
"Halperin"
"Halpern"
"Handler"
"Hecht"
"Heck"
"Heller"
"Hellman"
"Herman"
"Herzberg"
"Hersch"
"Herzog"
"Hillel"
"Himmelfarb"
"Hirsch"
"Hoch"
"Hohenemser"
"Hollaender"
"Horowitz"