I-Worm.Miniman, W32/Miniman, I-Worm/Miniman, WORM_MINIMAN
Email-Worm.Win32.Miniman, W32/[email protected]
, Miniman Internet Worm
Category: Computer Worm
Active & Spreading
20 Aug 2003
The [email protected]
belongs to the category of mass mailing Worms which target the contents of the address book of the default email client of the operating system. These harvested email addresses become the target for the Worm's spreading routine. It makes use of either a VBS or an EXE format file for its attachment. Like most Worm variants, it will attempt to trick the recipient into launching the file attachment to being its infection routine.
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean [email protected]
from your computer.
On its first launching the [email protected]
will drop into the host computer system its executable file components. These files will be stored in the directory folder of the operating system. It will invoke the Run command in the initialization file with the value equivalent to the exact location of the executable file in the hard drive. The [email protected]
will modify the system initialization file by adding its value to the Shell instruction. These routines are intended to make sure that its codes will be successfully loaded at every reboot or startup instance of the infected machine. The [email protected]
will proceed by creating a batch file which is immediately executed. This will result in the disabling of the mouse pointing device and the keyboard.
The payload delivery routine involves the sending of two separate email messages. The first email which will pretend to be sent from the operating system developer will be forwarded by the [email protected]
to all contacts stored in the address book of the email client. It will have two file attachments. After successfully sending the first email, the [email protected]
will second a second email that is supposedly a computer game and has one file attachment. The [email protected]
will then create another batch file which is intended to delete files from specific folders on the hard drive.