W32.Wozer.Worm


Aliases: I-Worm.Poffer.b, W32/Wozer.worm
Variants: WORM_WOZER.A

Classification: Malware
Category: Computer Worm

Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 18 Nov 2003
Damage: Low

Characteristics: The W32.Wozer.Worm program is a worm that propagates through IRC and network shares. It also spread through e-mail by sending a copy of itself as an attached file named .zip, which, however, is corrupted and would not propagate the worm. This worm affect windows operating system such as Windows 95, Windows 2000, Windows 98, Windows NT, Windows Me, and Windows XP

More details about W32.Wozer.Worm

W32.Wozer.Worm is an internet worm that spreads via e-mail, network shares and IRC. After execution, this worm copies itself as eCard.zip and Explore.exe. This file is corrupted and cannot be unpacked with software compressors such as WinZIP,RAR or integrated ZIP support in the system. Registry keys are as well changed in order to run the worm once it windows starts. This worm is claimed to browse network connections to spread its copy to other devices that allows write access to drive C utilizing the personal data of the infected user. The worm copies itself as WINUPDATE.EXE. and adds a call to that file in the AUTOEXEC.BAT. The worm as well gathers e-mail addresses from the local system with file-extensions such as .ASP, HTML, .TXT, .VBS, .RTF, .DOC, .BAS, .FRM, .CPP, .TBB, .MBX, .NCH, .MMF, .ODS, .EML, .WAB, and .HTM.

A remote user may have installed the W32.Wozer.Worm software through an existing backdoor. Malicious downloader programs may have downloaded and installed it in the system. Some creators of malware applications reportedly attach the infected files to worm software to spread them quickly through networks. The user may install possibly harmful software into the computer without knowing it. Malware program writers commonly disguise their products as legitimate files to entice users to download them. They may attach their programs to popular downloads such as multimedia files and games. These are usually made available in peer-to-peer (P2P) networks. Some are distributed through e-mail, Internet Relay Chat (IRC), or instant messages.