Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Seite(n): 1
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
The Fleming Internet worm is a 32-bit Windows application (.exe file)
with a size of 53,248 bytes and written in Visual Basic. The worm
spreads via the Windows (.NET) Messenger Internet chat program that is
built into Windows XP. The worm circulates a message written in English
that proposes recipients download a program supposedly developed by the
message's author. Message text is as follows:
"Hey!! Could you please check out this program for me?
myself and want people to test it. Its a readme with the program that
explains what it does! http://home.no.net/downl0ad/BR2002.exe"
The Internet address appearing in the message
(http://home.no.net/downl0ad/BR2002.exe) contains a copy of the worm.
Fleming does not install itself into the system and is triggered into
action only if users launch its code (for example, double-clicking on
the program icon in Windows Explorer). When launched, Fleming attempts
to download two files from the Internet site
"http://home.no.net/downl0ad/". The names and save locations of these
two files are:
C:\update35784.exe
C:\hehe2397824.exe
Next the worm connects with Windows (.NET) Messenger and waits for
incoming messages. When it receives several messages from the user
"styggefolk@hotmail.com", Fleming sends out a reply containing
registration information (CD-Keys) from Counter-Strike and Half-Life.
Fleming also finds the Windows (.NET) Messenger contact list and sends its
message to each entry.
According to Kaspersky Labs, at this time, the Internet resource
"http://home.no.net/downl0ad/BR2002.exe" is locked.
Robert
__________
powered by http://different-thinking.de - Netze, Protokolle, Sicherheit, ...