Aliases: W64/Rugrat.3344
Variants: W64/Rugrat, W64/Rugrat-B

Classification: Malware
Category: Computer Worm

Status: Active & Spreading
Spreading: Moderate
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W64
Discovered: 26 May 2004
Damage: Low

Characteristics: The W64.Rugrat.3344 program is a file infector virus that is created for a purpose of attacking only 64-bit Windows platform, infecting 64-bit Windows executable files. It infects files that are in the same folder as the virus, and then attacks files in all its subfolders.

More details about W64.Rugrat.3344

Once W64.Rugrat.3344 has gained access to a computer, it replicates itself as an executable file and mounts itself invisibly into the system directory. This worm variant creates various entries and subkeys into the computer’s registry in order for it to run each time its victim’s computer boots up. Aside from replicating itself, W64.Rugrat.3344 also performs other activities including installation of rootkits to hide some files and running processes from being seen and detected by the user. Some of these files include a peer-to-peer client. This e-mail borne worm is also capable of forcing an infected computer to be included in criminal activities as a member or element of a botnet that can then halt the Internet or network connection of certain machines by swarming them with too much data requests.

W64.Rugrat.3344 negatively impacts the performance as well as the stability of its victim’s computer. Because of this worm’s activities on its infected computer, a user may experience slow Internet connection, data corruption, freezing of running applications, termination of running programs and system crashes. Based on some Web forum participants who have already encountered this worm, their computers were utilized by this worm in transmitting unsolicited electronic mail messages and accumulating confidential information. This worm also floods their computers with lots of requests for information, thus causing their computers to slow down.