Palevo.A.7056 is a worm known by its executable name, junaci.exe. Palevo is spreading through autorun feature of usb drives, messengers and P2P. It works on Windows 200, 2003 and XP. Junaci modifies Windows registry and drops malicious files. It has low damage potential.

Spread methods Edit

Palevo spreads through 3 ways: USB drives, Messengers and P2P. When it gets access to any pc it adds registry key to run its code on boot.

Infecting USB Edit

When plugging any storage device to infected computer, Junaci copies itself into UNUCI folder and creates autorun file running malicious code. After plugging the device into healthy computer, Junaci copies itself into %HOME%/csrss.exe

P2P Edit

MSN Messenger Edit

Code Edit

Junaci was written in Visual C++

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.