Wikia

Malware Wiki

MyDoom

Comments0
788pages on
this wiki
MyDoom
Aliases
  • Email-Worm.Win32.Mydoom.a (Kaspersky Lab)
  • W32/Mydoom.a@MM (McAfee)
  • W32.Mydoom.A@mm (Symantec)
  • Win32.HLLM.MyDoom (Doctor Web)
  • W32/MyDoom-A (Sophos)
  • Win32/Mydoom.A@mm (RAV)
  • WORM_MYDOOM.A (Trend Micro)
  • Worm/Mydoom.A (Avira)
  • W32/Mydoom.A@mm (FRISK)
  • Win32:Mydoom (ALWIL)
  • I-Worm/Mydoom.A (AVG)
  • Win32.Novarg.A@mm (SOFTWIN)
  • Worm.SCO.A (ClamAV)
  • W32/Mydoom.A.worm (Panda)
  • Win32/Mydoom.A (Eset)
Type Worm
Affected platform/s Microsoft Windows
Mydoom (also known as Novarg) is a computer worm affecting Microsoft Windows. It was first sighted on January 26, 2004. It became the fastest-spreading e-mail worm ever (as of January 2004), exceeding previous records set by the Sobig worm. This worm spreads via the Internet in the form of files attached to infected messages. It also spreads via the file sharing network Kazaa. The worm itself is a Windows PE EXE file of 22528 bytes, compressed using UPX. The decompressed file is approximately 40KB in size.

The worm is activated only if the user opens the archive and launches the infected file by double-clicking on the attachment. The worm then installs itself in the system and starts the replication process.

The worm contains a backdoor function, and is also programmed to carry out DoS attacks on the site www.sco.com on 1st February 2004.

Part of the body of the worm is encrypted.[1]

ReferencesEdit

External linksEdit


Around Wikia's network

Random Wiki