W32.Shoren


Aliases: N/A
Variants: N/A

Classification: Malware
Category: Computer Virus

Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 18 Mar 2009
Damage: Low

Characteristics: W32.Shoren is a virus that multiplies by infecting .exe files.

More details about W32.Shoren

W32.Shoren is a virus that multiplies by infecting .exe files. The worm multiplies by pretending itself to all .exe files on the compromised PC. The pretended executable file has a damaged header that avoids from the file from being opened. The original executable file is present in the attached data of the contaminated executable file. It also has downloader characteristics. It connects to remote server to download and install a possibly harmful additional component into the user’s computer. It may download spyware programs and advertising software. It may also install data mining and hack tools without the user’s consent. This computer worm may spread to other computers without the developer or remote user’s intervention

This program locates other computers over the network and creates copies of itself in folders that are open for read and write functions. It also connects to the Internet and scans other machines that may be vulnerable for exploitation. It sends data a pocket that installs the downloader component of the computer worm. This component then downloads the main body of the program.The W32.Shoren program also has backdoor features. The application creates an illicit network connection which allows remote users to gain unauthorized access on the computer. The program enables a remote user to send instructions to the computer. These remote commands may instruct he computer to manage files, modify system settings and reboot the system. The backdoor generated by the application can also be used by other malware programs to freely enter the computer.