"Swallow" worm analysis report (1)
Author: This site (original)

On the afternoon of November 24, the Kingsoft Duba anti-virus lab urgently handled a relatively widespread worm named "Swallow" (Worm.Yanz.b) and issued an emergency virus-definition update.

Kingsoft Duba has already processed this virus on an emergency basis. Users are asked to update Kingsoft Duba promptly to the latest virus definitions of November 24, 2004.

The detailed report on this virus follows.

Virus information:

Virus name: Worm.Yanz.b
Chinese name: Swallow
Threat level: Medium
Virus type: Worm
Affected systems: Win9x / WinNT
Discovery date: November 24, 2004

Brief description:

This virus spreads through several channels, such as network shares and email. Copies of the virus use file names that impersonate songs by Sun Yanzi (for example: Huai_Tian_Qi, Tao_Wang) to lure the user into opening them. Once opened, it displays a dialog box with the text "No Windows. Yes Doors And Holes". The virus also tries to download a keylogging trojan from the network to steal the user's information.

Technical characteristics:

1. Creates the following files:

C:\YAnzi.htm
%SystemRoot%\Sun_YanZI.zip (a compressed archive containing the virus; the file name inside the archive is: Sun_Yan_Zi-Shen_Qi.mp3.pif)
%System%\Dong_Shi.exe (copy of the virus itself)
%System%\NvCpl.EXE (copy of the virus itself)
%System%\I_am_Sun_Yanzi.sysa (MIME-encoded copy of the virus)
%System%\Huai_Tian_Q1.sys (MIME-encoded archive containing the virus)
YanZi.vbs (generates the Sun.exe file)

2. Under the registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
adds the following value:
"NvCpl" = %System%\NvCpl.EXE

3. Copies itself into every folder whose name contains "SHAR", using one of the following file names:

SunYanZi.mp3.exe
Sun_YanZi-Huai_Tian_Qi.mpg.exe
Sun_YanZi-I_am_not_sad.mp3.exe
Sun_YanZi-Leave_me_alone.mp3.exe
Sun_YanZi-Mei_You_Ren_De_Fang_Xiang.avi.exe
Sun_YanZi-Shen_Qi.exe
Sun_YanZi-Tao_Wang.mpeg.exe
YanZi.Mp3.exe
YanZi_SuN-forever.mp3.exe
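
A defender can sweep share folders for these names. The following Python sketch is an added example, not part of the original report: it matches the file names listed above and also generalizes to the media-extension-plus-executable-extension pattern most of them share. The extension sets, the case-insensitive matching of "SHAR" in folder names, and the directory tree built in demo() are assumptions constructed for illustration.

```python
import os
import tempfile

# File names listed in section 3 of the report, compared case-insensitively.
REPORTED_NAMES = {n.lower() for n in (
    "SunYanZi.mp3.exe", "Sun_YanZi-Huai_Tian_Qi.mpg.exe",
    "Sun_YanZi-I_am_not_sad.mp3.exe", "Sun_YanZi-Leave_me_alone.mp3.exe",
    "Sun_YanZi-Mei_You_Ren_De_Fang_Xiang.avi.exe", "Sun_YanZi-Shen_Qi.exe",
    "Sun_YanZi-Tao_Wang.mpeg.exe", "YanZi.Mp3.exe", "YanZi_SuN-forever.mp3.exe",
)}
# Assumption: extension sets chosen for this example, not taken from the report.
MEDIA_EXT = {".mp3", ".mpg", ".mpeg", ".avi", ".wav", ".wma"}
EXEC_EXT = {".exe", ".pif", ".scr", ".com", ".bat"}

def classify(filename):
    """Return 'reported-name', 'double-extension' or None for one file name."""
    name = filename.lower()
    if name in REPORTED_NAMES:
        return "reported-name"
    stem, last = os.path.splitext(name)
    inner = os.path.splitext(stem)[1]
    if last in EXEC_EXT and inner in MEDIA_EXT:
        return "double-extension"
    return None

def scan_share_folders(root):
    """Walk root and inspect only folders whose name contains 'SHAR'."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        if "SHAR" not in os.path.basename(dirpath).upper():
            continue
        for f in sorted(files):
            verdict = classify(f)
            if verdict:
                hits.append((os.path.join(dirpath, f), verdict))
    return hits

def demo():
    """Build a constructed directory tree (sample data) and scan it."""
    with tempfile.TemporaryDirectory() as root:
        for rel in ("Shared/YanZi.Mp3.exe", "Shared/notes.txt",
                    "My Shared Folder/holiday.avi.scr", "Docs/SunYanZi.mp3.exe"):
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            open(path, "w").close()
        return [(os.path.relpath(p, root).replace(os.sep, "/"), v)
                for p, v in scan_share_folders(root)]

if __name__ == "__main__":
    print(demo())
```

Sun_YanZi-Shen_Qi.exe has no media extension, so only the name list catches it; the double-extension rule covers renamed copies and the Sun_Yan_Zi-Shen_Qi.mp3.pif name used inside the archive.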