基本介紹
簡介,病毒行為,
簡介
病毒別名: 威脅級別:★
中文名稱: 影響系統:Win 9x/ME,Win 2000/NT,Win XP,Win 2003
病毒行為
1.生成檔案:
%WINNT%\Flagex.Flg
%WINNT%\inetexplore.exe
%WINNT%\system\ActorsGallery.zip
%WINNT%\system\inetalert.exe
%WINNT%\system\InstallGallery.exe
%WINNT%\system\sysfile.dat
%WINNT%\system\zippwdinfo.dat
2.添加註冊表起始項,使病毒開機運行:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
inetexplore
"%WINNT%\inetexplore.exe"
3.修改以下註冊表鍵值,使病毒關聯到exe:
HKCR\exefile\shell\open\command
@
"%WINNT%\system\inetalert.exe "%1" %*"
HKLM\SOFTWARE\Classes\exefile\shell\open\command
@
"%WINNT%\system\inetalert.exe "%1" %*"
4.生成互斥量:
OneCopyMutex
5.病毒在第一次運行的時候會彈出對話框,迷惑用戶自己運行失敗:
The installation has failed to start because
_agl43.dll was not found. Re-installing the
application may fix this problem.
6.傳送在用戶機器上搜尋郵件地址並且把自己傳送出去
郵件標題為:
Actors Sexy Pictures! (Axe Sexye Bazigarhaye Cinema)
內容為:
Hi my friend. This is a funny sexy actors pictures.
Enjoy it!!
Salam be tamamie baro bach inam ye collectione bahal
az axaye sexye bazigaraye cinamast. bebinid va faghat
Bekhandid!! ;)
附屬檔案檔案名稱: