Oscarbot.KD Worm exploits the Microsoft MS06-040 Vulnerability

« Attacking Corporate Networks with BlackBerry devices | Main | Microsoft to offer Vista Upgrade Coupons »

Aug15

August 15, 2006

PandaLabs reveals the existence of a new variant of the Oscarbot worm, namely Oscarbot.KD, which is the first worm to exploit the

recently released Microsoft patch - MS06-040.

The main characteristics of the Oscarbot.KD worm variant:

- File name: wgareg.exe or wgavm.exe.

- File size: 9,609 bytes (wgareg.exe) or 9,374 bytes (wgavm.exe).

- It is packed with Mew, and its code is encrypted using a 1-byte XOR mask.

Oscarbot.KD spreads across network shared resources, instant messaging programs and by exploiting vulnerabilities. It creates a service called wgareg, in order to pass itself off as the Windows Genuine Advantage Registration Service. Once the worm is run, it waits for remote control commands, received via IRC.

Sourced by Virus Alerts, by Panda Software

related entries

Russian Porn sites using Web Attacker kit for VML exploit Sep 19, 2006
New Email Security Tools from ISS and Declude Sep 13, 2006
Important Apps for Windows Sep 3, 2006
Using iPods in E-mail scams Aug 31, 2006
Symantec finds new AMD processor Virus Aug 28, 2006

0 Comments/Trackbacks

submit a trackback

TrackBack URL for this entry:

Comment Preview

« Attacking Corporate Networks with BlackBerry devices | Main | Microsoft to offer Vista Upgrade Coupons »

Advertise

Related Resources

Advertise Here

Current News

Press Releases

resources

Bookmark this Page
Write for us
About us
Team
Contact
Subscribe
Advertise
Network Map
Privacy
Disclaimer

Support This Blog

business social media

Use these fast growing business social media sites to promote your business, feature your products, spotlight your business leaders, create links, and drive traffic back to your company site, all for free!

BIZZlogos - Add your logo - free link to your site
BIZZphotos - Add photos of your products and people
BIZZprofiles - Submit your profile and build your online visibility
BIZZspotlight - Spotlight your business with free links
BIZZvideos - Videos about businesses, products and business people.
BIZZbites - "Digg" for Business - Submit your articles and posts

Know More Media - Technology / Computers / Software

know more media network

View Network Map

Network Feed List (OPML)

Know More Media Network
Feed

we support unitus

PRWeb

Influencer

ITechTips is a member of the Know More Media network of business related blogs.

Here are some current headlines from some of our business publications:

Devoted to hardware, software, IT issues, and information technology management

related entries

0 Comments/Trackbacks

submit a trackback

post a comment

Comment Preview

Advertise

Related Resources

recent comments

sponsored ads

topics

subscribe

Current News

resources

Support This Blog

archives

blogroll

business social media

Know More Media - Technology / Computers / Software

know more media network

we support unitus

PRWeb

Influencer

ProductivityGoal

CallCenterScript

AdHurl

TheBizofKnowledge

LandingTheDeal

CustomersAreAlways

HealthCareVox

BrainBasedBusiness

TheInsurancePolicy

MarketingBlurb