Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » W32/Bropia.E

Overview

Threat Risk LOW LOW
Destructivity NONE NONE
Payload
Detection files published
Description created 27 Feb 2005 04:25:00
Description updated 27 Feb 2005 04:25:00
Malware type WORM
Alias
Spreading mechanism OTHER
Summary None

W32/Bropia.E

Spreading

When W32/Bropia.E runs it copies itself to the root of the C drive using one of these filenames: me_2005.pif LOL.scr Webcam.pif hahahaha.pif naked_drunk.pif sister.pif The worm then drops a copy of W32/SDBot.DPH to the root of the C drive as: cz.exe The worm will then attempt to propagate via MSN by trying to initiate a file transfer using the file it dropped into the root of the C drive. The transfer must be accepted and the file run before the remote system can become infected, as Bropia.E does not utilise any automated execution techniques.

Payload Details

W32/Bropia.E will prevent access to task manager (taskmgr.exe) and the command interpreter (cmd.exe). The worm will also disable the right mouse button and set the audio volume to 0.

Analysis

n/a

Removal

n/a


Last Updated: 12 Nov 2015 11:06:12