FANDOM


Palevo.A.7056, is a worm known by it's executable name, junaci.exe. Palevo is spreading through autorun feature of usb drives, messengers and P2P. It works on Windows 200, 2003 and XP. Junaci modifies Windows registry and drops malicious files. It has low damage potential.

Spread methods

Palevo spreads through 3 ways: USB drives, Messengers and P2P. When it gets access to any pc it adds registry key to run it's code on boot.

Infecting USB

When plugging any storage device to infected computer, Junaci copies itself into UNUCI folder and creates autorun file running malicious code. After plugging the device into healthy computer, Junaci copies itself into %HOME%/csrss.exe

P2P

MSN Messenger

Code

Junaci was written in Visual C++

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.