W32.Kerim@mm


Aliases: I-Worm.Kermit
Variants: N/A

Classification: Malware
Category: Computer Worm

Status: Active & Spreading
Spreading: N/A
Geographical info: North America
Removal: N/A
Platform: W32
Discovered: 26 Sep 2003
Damage: N/A

Characteristics: The worm W32.Kerim@mm is a P2P worm and a mass mailer. The email it attempts to send has the subject “9 Things I Hate About Everybody Else...” and an attachment file named 9things.scr. This particular worm is written in Microsoft Visual Basic and is UPX packed.

More details about W32.Kerim@mm

The mass mailer worm W32.Kerim@mm spreads itself through emails or P2P network downloads. When the worm is executed, it copies itself as C:\Kermit\kermit.exe and C:\Kermit\9things.scr. It also adds values to the registry to ensure that it runs during Windows startup. It copies itself to folders in C:\ProgramFiles using enticing filenames like kermit.exe,9things.scr, F-Prot Crack.exe, Norton Antivirus, Crack.exe Anna\'s Virtual Sex.exe, etc. It also attempts to send emails with the subject “9 Things I Hate About Everybody Else...” and an attachment file named 9things.scr. The worm allows unauthorized access to your computer. It causes general system connectivity issues, floods the Internet connection, and hijacks keyword searches. It also installs without the consent of the user. In addition, it reports your data back to a remote attacker, steals valuable information, and even monitors online activity.

The W32.Kerim@mm application can spread itself over the computer network. It may create copies of itself in the shared folders and removable media of the computer. These copies automatically execute once another computer accesses shared folder the removable media. It may also spread to other computers via spam e-mails. The application utilizes a Simple Mail Transfer Protocol (SMTP) engine to send copies of itself via the Internet.