W32/Stap-E is a worm for the Windows platform.
W32/Stap-E has the functionalities to:
- spread by network shares
- send mail to email addresses found on the infected computer
W32/Stap-E is a worm for the Windows platform.
W32/Stap-E has the functionalities to:
- spread by network shares
- send mail to email addresses found on the infected computer
When run, W32/Stap-E copies itself as the following files:
<Startup>\Office_viewer.exe
<Program files>\StartUp\readme.exe
<Program files>\StartUp\net.exe
<Program files>\StartUp\biblezip.exe
<Program files>\MSDTC.exe
<Startup>\MSDTC.exe
virusdefupdate_zip
LANdriver_zip
chikka_zip
yahoomgr_zip
pictures_zip
winupdate_zip
A:\documents_zip.exe
When run, W32/Stap-E creates the following files:
C:\clog.tmp
C:\plog.tmp
C:\yourip.tmp
The files clog.tmp, plog.tmp and yourip.tmp can be deleted safely.
When run, W32/Stap-E sets the following registry entries:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
rundll32
<Program files>\MSDTC.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Common Startup
<Startup>\Office_viewer.exe
HKLM\SOFTWARE\Microsoft
micro
<Date and time of worm execution>