病毒名称(中文):
病毒别名:
威胁级别:
★☆☆☆☆
病毒类型:
蠕虫病毒
病毒长度:
53628
影响系统:
Win9xWinMeWinNTWin2000WinXPWin2003
病毒行为:
这是一个通过邮件传播的蠕虫病毒,该病毒会尝试搜索被感染机器上所以的邮件地址
然后把病毒本身发送出去。
1.病毒把自己本是拷贝一份放到P2P软件的共享区,并且以下面随机一个名字命名:
1001Sexandmore.rtf.exe
3DStudioMax63dsmax.exe
ACDSee10.exe
AdobePhotoshop10crack.exe
AdobePhotoshop10full.exe
AdobePremiere10.exe
AheadNero8.exe
AltkinsDiet.doc.exe
AmericanIdol.doc.exe
ArnoldSchwarzenegger.jpg.exe
BestMatrixScreensavernew.scr
Britneysexxxx.jpg.exe
BritneySpearsandEminemporn.jpg.exe
BritneySpearsblowjob.jpg.exe
BritneySpearscumshot.jpg.exe
BritneySpearsfuck.jpg.exe
BritneySpearsfullalbum.mp3.exe
BritneySpearsporn.jpg.exe
BritneySpearsSexyarchive.doc.exe
BritneySpearsSongtextarchive.doc.exe
BritneySpears.jpg.exe
BritneySpears.mp3.exe
CloneDVD6.exe
Cloning.doc.exe
Cracks&WarezArchiv.exe
DarkAngelsnew.pif
DictionaryEnglish2004-France.doc.exe
DivX8.0final.exe
Doom3release2.exe
E-BookArchive2.rtf.exe
Eminemblowjob.jpg.exe
Eminemfullalbum.mp3.exe
EminemPoster.jpg.exe
Eminemsexxxx.jpg.exe
EminemSexyarchive.doc.exe
EminemSongtextarchive.doc.exe
EminemSpearsporn.jpg.exe
Eminem.mp3.exe
Fullalbumall.mp3.pif
Gimp1.8FullwithKey.exe
HarryPotter1-6book.txt.exe
HarryPotter5.mpg.exe
HarryPotteralle.book.doc.exe
HarryPotterebook.doc.exe
HarryPottergame.exe
HarryPotter.doc.exe
Howtohacknew.doc.exe
InternetExplorer9setup.exe
KazaaLite4.0new.exe
Kazaanew.exe
Keygen4allnew.exe
LearnProgramming2004.doc.exe
Lightwave9Update.exe
MagixVideoDeluxe5beta.exe
Matrix.mpg.exe
MicrosoftOffice2003Crackbest.exe
MicrosoftWinXPCrackfull.exe
MSServicePack6.exe
netskysourcecode.scr
NortonAntivirus2005beta.exe
Opera11.exe
Partitionsmagic10beta.exe
PornoScreensaverbritney.scr
RFCcompilation.doc.exe
Ringtones.doc.exe
Ringtones.mp3.exe
SaddamHussein.jpg.exe
Screensaver2.scr
Serialsedition.txt.exe
Smashingthestackfull.rtf.exe
StarOffice9.exe
TeenPorn15.jpg.pif
TheSims4beta.exe
UleadKeygen2004.exe
VisualStudioNetCrackall.exe
WinLonghornre.exe
WinAmp13full.exe
Windows2000Sourcecode.doc.exe
Windows2003crack.exe
WindowsXPcrack.exe
WinXPeBooknewest.doc.exe
XXXhardcorepics.jpg.exe
2.搜索以下文件来获取邮件地址:
HTM,
HTML,
EML,
TXT,
PHP,
ASP,
VBS,
RTF,
UIN,
SHTM,
CGI,
DHTM,
ADB,
TBB,
DBX,
SHT,
OFT,
MSG,
JSP,
WSH,
XML
3.发送邮件的主体为以下任意一个:
Re:Re:
Re:EncryptedMail
Re:ExtendedMail
Re:Status
Re:Notify
Re:SMTPServer
Re:MailServer
Re:DeliveryServer
Re:BadRequest
Re:Failure
Re:Thankyoufordelivery
Re:Test
Re:Administration
Re:MessageError
Re:Error
Re:ExtendedMailSystem
Re:SecureSMTPMessage
Re:ProtectedMailRequest
Re:ProtectedMailSystem
Re:ProtectedMailDelivery
Re:Securedelivery
Re:DeliveryProtection
Re:MailAuthentification
邮件内容以下任意一个:
Pleaseconfirmmyrequest.
ESMTP[SecureMailSystem#334]:Securemessageisattached.
Partialmessageisavailable.
WaitingforaResponse.Pleasereadtheattachment.
Firstpartofthesecuremailisavailable.
Formoredetailsseetheattachment.
Forfurtherdetailsseetheattachment.
Yourrequestedmailhasbeenattached.
ProtectedMailSystemTest.
SecureMailSystemBetaTest.
Forwardedmessageisavailable.
Deliveredmessageisattached.
Encryptedmessageisavailable.
Pleasereadtheattachmenttogetthemessage.
Followtheinstructionstoreadthemessage.
Pleaseauthenticatethesecuremessage.
Protectedmessageisattached.
Waitingforauthentification.
Protectedmessageisavailable.
BadGateway:Themessagehasbeenattached.
SMTP:Pleaseconfirmtheattachedmessage.
Yougotanewmessage.
Nowanewmessageisavailable.
Newmessageisavailable.
Youhavereceivedanextendedmessage.Pleasereadtheinstructions.
附件描述以下任意一个:
Yourdetails.
Yourdocument.
Ihavereceivedyourdocument.Thecorrecteddocumentisattached.
Ihaveattachedyourdocument.
Yourdocumentisattachedtothismail.
Authenticationrequired.
Requestedfile.
Seethefile.
Pleasereadtheimportantdocument.
Pleaseconfirmthedocument.
Yourfileisattached.
Pleasereadthedocument.
Yourdocumentisattached.
Pleasereadtheattachedfile!
Pleaseseetheattachedfilefordetails.
+++Attachment:NoVirusfound
+++MessageLabsAntiVirus-www.messagelabs.com
+++Attachment:NoVirusfound
+++BitdefenderAntiVirus-www.bitdefender.com
+++Attachment:NoVirusfound
+++MC-AfeeAntiVirus-www.mcafee.com
+++Attachment:NoVirusfound
+++KasperskyAntiVirus-www.kaspersky.com
+++Attachment:NoVirusfound
+++PandaAntiVirus-www.pandasoftware.com
++++Attachment:NoVirusfound
++++NormanAntiVirus-www.norman.com
++++Attachment:NoVirusfound
++++F-SecureAntiVirus-www.f-secure.com
++++Attachment:NoVirusfound
++++NortonAntiVirus-www.symantec.de
附件名称以下任意一个:
document_all
message
exceldocument
worddocument
screensaver
application
website
product
letter
information
details
document
后缀名称以下任意一个:
EXE
SCR
PIF
ZIP
