W32/Allaple-B

Category: Viruses and SpywareProtection available since:20 Dec 2006 00:00:00 (GMT)
Type: Win32 wormLast Updated:20 Dec 2006 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

W32/Allaple-B is a network worm for the Windows platform.

W32/Allaple-B spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: SRVSVC (MS06-040), RPC-DCOM (MS04-012), PNP (MS05-039) and ASN.1 (MS04-007) and by copying itself to network shares protected by weak passwords.

W32/Allaple-B searches local disks for HTML files and injects code into them to activate the installed copy of the worm. W32/Allaple-B is a network worm for the Windows platform.

W32/Allaple-B spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: SRVSVC (MS06-040), RPC-DCOM (MS04-012), PNP (MS05-039) and ASN.1 (MS04-007) and by copying itself to network shares protected by weak passwords.

When first run W32/Allaple-B copies itself to <System>\urdvxc.exe.

The W32/Allaple-B is registered as a COM object.

W32/Allaple-B installs itself as a service with the name "MSWindows".

W32/Allaple-B searches local disks for HTML files and injects code into them to activate the installed copy of the worm.