 7/30: Tompai-A Has Backdoor Functionality |
 |
|
|
|
|
|
7/30: Tompai-A Has Backdoor Functionality
July 30, 2004
W32/Tompai-A is a virus with backdoor functionality for the Windows platform.
The virus creates three copies of itself in the windows system folder. One copy is named mainsv.exe the others are randomly chosen from the following pairs of names:
loadms.exe & loadmsnt.exe
cmpku.exe & cmpkunt.exe
netcompt.exe & netcomptnt.exe
ptsnopt.exe & ptsnoptnt.exe
ntdllf.exe & ntdllfnt.exe
The virus also infects exe files on the local hard disk and creates copies of itself with the following names:
the_matrix.scr
mario_2.pif
matrix_desktop.pif
mp3_convert.pif
Zsnes_win.pif
VRMLpad_crack.pif
matrix3Dsetup.pif
Dx_ball2_Setup.pif
Crack_tools.exe
More information is at Sophos page.
|
|
|
|
|
Palyh and Fizzer Top Troublemakers in May
Microsoft Patches 'Critical' ASN.1 Vulnerability
Experts Question UN's Anti-Spam Plan
10/27: Famus-C Worm Sends Private Data
NIKSUN offers a security camera for your network
XP SP2 Deadline Extended
Worldwide Security Server Appliance Market Hits $379 Million
3/3: VBS.Allem Worm a Mass-Mailing Worm
3/25: Backdoor.Nibu-J Runs Keylogger
A case study in security incident forensics and response.
6/21: Korgo-N, O, P Exploit LSASS Flaw
Home Security Camera Background
 |
