The Web    Google
10/11: Noomy-A Worm Exploits Email, IRC

10/11: Noomy-A Worm Exploits Email, IRC
October 11, 2004

Worm_Noomy.A is a mass-mailing worm that propagates via email and Internet Relay Chat (IRC). It drops copies of itself using attractive file names in order to trick users into opening the email attachment or link.

It makes use of MSWINSCK.OCX in order to run properly. This file is a non-malicious, Microsoft Winsock Control DLL file that is used in Visual Basic applications to add the functionality of socket programming. If it is not able to find the said file on a system, it downloads it from several Web sites.

This worm terminates several processes, and performs denial of service (DoS) attacks against several Web sites. It also has backdoor capabilities, and may execute commands coming from a remote malicious user.

It runs on Windows 98, ME, NT, 2000, and XP.

Technical details are at Trend Micro page.

  • Too Many Lost Emails Leave us Unconnected
  • Simplify File Recovery with Volume Shadow Copy Service
  • 7/13: Rbot-DL Empowers Remote Users
  • Will Users of Word 97 'Bug' Out?
  • Neoteris Extends Gateway Access
  • Outlook Express Bug; MSN IM Worm Detected
  • Immunize Your Servers Against Attack
  • Can Market Forces Secure the Internet?
  • Virus Alert: Macro Virus Targets 2 Specific Dates
  • 3/8: Kelvir-D an IM Worm
  • Mass-Mailing Worm Copies Itself to Windows Folder
  • Compare Security Camera Products