Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » MSH/Danom

Overview

Threat Risk NONE NONE
Destructivity LOW LOW
Payload Infects MSH scripts
Detection files published
Description created 05 Aug 2005 04:07:00
Description updated 05 Aug 2005 04:07:00
Malware type VIRUS
Alias MSH/Modan
Spreading mechanism
Summary None

MSH/Danom

Spreading

n/a

Payload Details

The MSH/Danom family currently has 5 variants, each of which infects MSH scripts in slightly different ways:

Overwriter. This searches the current directory for MSH scripts, and simply overwrites them. Appender. This searches the current directory for MSH scripts, and appends itself to any found. Prepender. This searches the current directory for MSH scripts, and prepends itself to any found. EPO. This searches the current directory for MSH scripts, and inserts itself to any found. Cross platform. This searches the current directory for MSH, BAT and CMD scripts, and inserts itself to any found.

Analysis

n/a

Removal

MSH/Danom.A-E is detected and removed with definition files later than 05-August-2005.


Last Updated: 12 Nov 2015 11:06:12