ExploreZip
From Wikipedia, the free encyclopedia
ExploreZip, also known as I-Worm.ZippedFiles, is a destructive computer worm which attacks machines running Microsoft Windows. It was first discovered in Israel on June 6, 1999.
[edit] Distribution
It is distributed in the form of an e-mail message with the words:
Hi!
I have received your email and I shall send you a reply ASAP. Till then take a look at the attached zipped docs.
Bye!
[edit] Payload
The message includes an attachment with the name ZIPPED_FILES.EXE. If opened, a dialog box appears in Windows resembling the one normally appearing when opening a corrupted Zip archive, while the worm copies itself onto the machine's hard drive. It also modifies the WIN.INI file (Windows 9x) or the Windows Registry (Windows NT) so that it re-executes on reboot.
The worm looks for a copy of Microsoft Outlook to mail itself to all other people in the user's address book and also destroys Microsoft Office documents and C and C++ source files on the user's hard-drive by overwriting them with zero-byte files.
[edit] External links
- Worm.ExploreZip – Symantec.com
- The ExploreZip worm - Computer Incident Advisory Capability (US Department of Energy)
 |
This malware-related article is a stub. You can help Wikipedia by expanding it. |
