Definithing > mydoom

mydoom

this is a m-ss-mailing worm that arrives in an email message as follows:
-the message cannot be represented in 7-bit ascii encoding and has been sent as a binary attachment.
-the message contains unicode characters and has been sent as a binary attachment.
-mail transaction failed. partial message is available.

from: (spoofed)
subject: (random)
body: (varies, such as)

the message cannot be represented in 7-bit ascii encoding and has been sent as a binary attachment.
the message contains unicode characters and has been sent as a binary attachment.
mail transaction failed. partial message is available.
attachment: (varies .exe, .pif, .cmd, .scr – often arrives in a zip archive) (22,528 bytes)

when this file is run it copies itself to the local system with the following filenames:
-c:\program files\kazaa\my shared folder\activation_crack.scr
-%sysdir%\taskmon.exe
-(where %sysdir% is the windows system directory, for example c:\windows\system)

it also uses a dll that it creates in the windows system directory:
-%sysdir%\shimgapi.dll (4,096 bytes)

it creates the following registry entry to hook windows startup:
-hkey_local_machine\software\microsoft\windows\
currentversion\run “taskmon” = %sysdir%\taskmon.exe

the worm opens a connection on tcp port 3127 suggesting remote access capabilities

indications of infection:
-upon executing the virus, notepad is opened, filled with nonsense characters.
-existence of the files and registry entry listed above

this file tries to spread via email and by copying itself to the shared directory for kazaa clients if they are present.

the mailing component harvests address from the local system. files with the following extensions are targeted:
.wab, .adb, .tbb, .dbx, .asp, .php, .sht, .htm, .txt

additionally, the worm contains strings, which it uses to randomly generate, or guess, addresses.
:{ aw, you have mydoom virus :{

Read Also:
  • Mylundesque

    term that one uses when a particular situation is purely chaotic or insane. term given by mylund the mad, a sorcerer who was the personification of insanity and chaotic action. fnord! –mylund the mad “whoa dude, you just threw flaming poo at that armpit monster. thats so mylundesque.”

  • my mate

    someone you introduce to others when you really ain’t got a clue who they are do you wanna be my mate

  • myspace names

    when the “””scene””” kids want a catchy( when its no catchy or “cool” at all) name for their mysp-ces. mysp-ce names: chrischaos. hillaryhaywire. kikikannible. chritiechaos. mattm-ssacre. mistymisfit. raymondromance. reginarevenge. lesleyl-st. tammytoaster. you get the deal. a mysp-ce name is a nickname a person uses as their name on mysp-ce. it often rhymes and is composed […]

  • mystery fruit

    what the actual flavor is made from when a package of candy says “mystery flavor” i ate some candy today that was mystery fruit flavor. it was really good! a person who may or may not be “closet gay”. chris: so did mac ever come out? tommy: no, he’s still a mystery fruit.

  • MY TURN!

    n. when walking with friends, and having a soda or drink in your hand, you say “my turn” and throw it up in the air, in hoping that it will land on someone. i threw the dr. pepper up in the air while screaming “my turn”, and landed directly on mike. he took a shower […]

Disclaimer: mydoom definition / meaning should not be considered complete, up to date, and is not intended to be used in place of a visit, consultation, or advice of a legal, medical, or any other professional. All content on this website is for informational purposes only.