Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » W32/Yaha.A@mm

Overview

Threat Risk LOW LOW
Destructivity NONE NONE
Payload
Detection files published 20 Feb 2002 03:00:00
Description created 21 Feb 2002 01:51:00
Description updated 21 Feb 2002 01:51:00
Malware type WORM
Alias
Spreading mechanism EMAIL
OTHER
Summary None

W32/Yaha.A@mm

Spreading

The worm attempts to copy itself to the C:\RECYCLED directory under the names MSMDM.EXE and MSSCRA.EXE, and changes the registry key HKCR\exefile\shell\open\command to load itself every time an exe program runs.It searches the Windows Address Book and other sources for email addresses to send itself to.The worm also attempts to send itself to the user's MSN Messenger contact list.

Payload Details

n/a

Analysis

n/a

Removal

n/a


Last Updated: 12 Nov 2015 11:06:11