Worm_Strat.Gen-3
Posted by: Nuuruvalar [ITS Security] under Virus
June 4, 2009
Virus Notification/Information:
Source: Trend Micro (Outside Link)
Type: Worm
Aliases: W32.Stration@mm(Symantec), W32/Strati-Gen(Sophos), Trojan.Win32.Pozad.cv(Kaspersky), WORM/Stration.Gen(Avira), W32/Warezov.gen4(F-Prot), W32/Stration@MM(McAfee)
Platform: Windows 98, ME, NT, 2000, XP, Server 2003
Distribution potential: High
Reported infections: Low
Damage potential: Medium
Overall risk rating: Medium
Method(s) of Infection:
Propagates through email. Once the worm is installed on the infected computer, it set’s the infected computer up to send more email with the worm as an attachment to further spread.
Description:
This worm arrives as attachment to email messages spammed by another malware or a malicious user. It may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.
It creates registry key(s)/entry(ies) as part of its installation routine. It modifies registry key(s)/entry(ies) as part of its installation routine.
It drops files/components. Trend Micro detects some of the dropped files as WORM_GENERIC. As a result, malicious routines of the downloaded files are exhibited on the affected system.
It connects to a certain Web site possibly to download files.
Additional Info: