订阅病毒名稱(中文):
病毒別名:
威脅級別:
★☆☆☆☆
病毒類型:
蠕蟲病毒
病毒長度:
37377
影響系統:
Win9xWinNT
病毒行爲:
這是一個通過郵件傳播的蠕蟲病毒,他會搜集用戶計算機上的郵箱地址,把自己發送出去.
1.生成文件:
%system%\combo.exe
2.添加啓動項,使病毒開機啓動:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
combo.exe
"combo.exe"
3.發郵件:
發信人是以下中的隨機一個:
"admin@mail.ru"
"admin@hotmail.com"
"admin@gmail.com"
"admin@yandex.ru"
"admin@rambler.ru"
主題是:
HELOlocalhost
收件人爲以下名稱的隨機一個:
"Abrahams"
"Adler"
"Adorno"
"Ellis"
"Ellison"
"Emmanuel"
"Farber"
"Feidelberg"
"Feinberg"
"Feldman"
"Fink"
"Finkel"
"Finkbein"
"Finkelstein"
"Fish"
"Fisch"
"Fishbein"
"Fleischer"
"Fleisher"
"Frankel"
"Freud"
"Fried"
"Friedman"
"Geffen"
"Gelbman"
"Gersh"
"Gershwin"
"Glazer"
"Glickman"
"Glucksman"
"Goldberg"
"Goldenson"
"Goldwyn"
"Gottlieb"
"Gould"
"Gralnick"
"Greenberg"
"Grossman"
"Gruber"
"Grinberg"
"Gunzberg"
"Gysi"
"Halperin"
"Halpern"
"Handler"
"Hecht"
"Heck"
"Heller"
"Hellman"
"Herman"
"Herzberg"
"Hersch"
"Herzog"
"Hillel"
"Himmelfarb"
"Hirsch"
"Hoch"
"Hohenemser"
"Hollaender"
"Horowitz"
