Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » W32/Frantes.A@mm

Overview

Threat Risk LOW LOW
Destructivity NONE NONE
Payload
Detection files published 17 Jun 2002 03:00:00
Description created 12 Jun 2002 08:21:00
Description updated 18 Jun 2002 05:07:00
Malware type WORM
Alias W32/Tettona.A
W32.Higuy.A
Spreading mechanism EMAIL
Summary None

W32/Frantes.A@mm

Spreading

This email worm uses its own SMTP engine to spread to other users in the Windows Address Book.The subjects used in infected mails are:"Incredibile..""Urgente! (vedi allegato)""Qualsiasi cosa fai,falla al meglio.""Incredible.."The body text in the mails will be:"Hello,see this interesting file.Bye."or"Ciao,okkio all' allegato ;-)A presto..."or"Ciao,devi assolutamente vedere il file che ti ho allegato.A presto..."or"Ciao,apri subito l' allegato,e' molto interessante.A presto..."It will also install itself in registry so that it is loaded from bootup:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\DLLManager = \dllmgr32.exe

Payload Details

n/a

Analysis

n/a

Removal

n/a


Last Updated: 12 Nov 2015 11:06:10