Mumu (computer worm)
|Technical name||BAT/Mumu. A|
|Point of isolation||Unknown|
|Point of origin||China|
Mumu is a computer worm that was isolated in June 2003.
Mumu consists of a mix of malicious files and actual utilities. Because of the easily customised nature of this worm, many variants have been discovered, but most are generically detected under the Mumu. A name. The lone exception is Mumu.B, which is detected separately by most antivirus programs.
The "standard" Mumu package consists of the following:
- A range of malicious batch files
- A number of "grey area" batch files, which use the utilities included in the Mumu package in a malicious way
- pcGhost and/or an nVidia utility, both of which are legitimate utilities
- Other various legitimate utilities
- A number of text files
As previously mentioned, this varies by version. Mumu spreads by scanning IP addresses for open administrative network shares. It then attempts to guess the password to gain access and copy itself over.
Heavy correlation of Mumu infections with infections of the Valla virus have been observed. It is suspected that Mumu caused a resurgence in Valla infections after Valla infected one of the .exe files included in the Mumu package. Previous to this, Valla was considered obsolete. It now ranks among the most-reported viruses on the WildList.
|This malware-related article is a stub. You can help Wikipedia by expanding it.|