Worm.Lovgate.F New Malware Threat

October 9th, 2009 | No Comments » Posted by Harry

TrustedSource announce new worm called Worm.Lovgate.F that affected application/executable media type in Win32 platform. This worm can drops malicious files, uses its own Email engine and modify Registry.

According to TrustedSource this worm will copies itself to the following locations:
%SYSDIR%\IEXPLORE.EXE
%SYSDIR%\kernel66.dll
%SYSDIR%\RAVMOND.exe
%SYSDIR%\WinDriver.exe
%SYSDIR%\WinGate.exe
%SYSDIR%\WinHelp.exe
%SYSDIR%\winrpc.exe

The following files are created:
– %SYSDIR%\111.dll (81920 bytes) Further investigation pointed out that this file is malware, too. Detected as: Worm.Lovgate.F.2
– %SYSDIR%\ily668.dll (81920 bytes) Further investigation pointed out that this file is malware, too. Detected as: Worm.Lovgate.F.2
– %SYSDIR%\reg678.dll (81920 bytes) Further investigation pointed out that this file is malware, too. Detected as: Worm.Lovgate.F.2
– %SYSDIR%\Task688.dll (81920 bytes) Further investigation pointed out that this file is malware, too. Detected as: Worm.Lovgate.F.2

See detail specification : http://www.trustedsource.org/malware-virus-description/194

Tags: malicious files, new malware, new worm, trustedsource, virus description

You can leave a response, or trackback from your own site.

Worm.Lovgate.F New Malware Threat

Leave a Reply

About Me

Wordpress

Berita IT

Hosting and Domain

Contest

BaliBlogger

Other Categories