Selected viruses, spyware, and other threats: sorted alphabetically
W32/Avril-B, WORM_LIRVA.C, I-Worm/Naith.C
Win32/Lirva.C is a worm spreading as an email file attachment via IRC, ICQ and network drives. It is written in Visual C++ and compressed by UPX. The size of the packed file is 34 814 bytes. When its unpacked the size is more than 160 kilobytes.
Fw: Redirection error notification
Re: Brigada Ocho Free membership
Re: According to Purge's Statement
Fw: Avril Lavigne - CHART ATTACK!
Re: Reply on account for IIS-Security Breach (TFTP)
Re: ACTR/ACCELS Transcriptions
Re: IREX admits you to take in FSAU 2003
Fwd: Re: Have U requested Avril Lavigne bio?
Re: Reply on account for IFRAME-Security breach
Fwd: Re: Reply on account for Incorrect MIME-header
Re: Vote seniors masters - don't miss it!
Fwd: RFC-0245 Specification requested...
Fwd: RFC-0841 Specification requested...
Fw: F. M. Dostoyevsky "Crime and Punishment"
Re: Junior Achievement
Re: Ha perduto qualque cosa signora?
There is an attachment in this message 34814 bytes in size and has one of the following names:
The file avril-ii.inf created by the worm Win32/Livra.C contains following text:
2002 (c) Otto von Gutenberg
Made in .::]|KaZAkHstaN|[::.
As stated before, purpose is only educational, however...
I'm back to the scene with one more gift |Avril-II|
(remember 'A' version of Avril-II)
HINT:NB: NEVER ACCEPT GIFTS FROM THE STRANGER
Avril-II is commonly dangerous because of its over-trojaned issues
~Greetz to Brigada Ocho (http://vx.netlux.org/~b8),
and Weisses Fleisch Project (http://wf.h1.ru)
~Greetz to Rocco (http://primatelost.net)
Many thankx to my muse Avril Lavigne whose beauty causes work to flow rapidly
New features included: ICQ/IrC/ShaReD (urgently persuade to check it instantly)
BackOrifice-server dropper included
> How is my work?
Cheerz, Otto (www.otto-koden.h1.ru)
The rest of the Win32/Livra.C properties are the same as those of Win32/Lirva.A.
© 1992-2004 Eset s.r.o. All rights reserved. No part of this encyclopedia may be reproduced, transmitted or used in any other way in any other form or by any means without prior permission from Eset.