Pinom.C_1 is a Worm. Worms spread from computer to computer, making copies of themselves over the network. They could spread over email, IM, peer-to-peer networks, or directly over the wire by leveraging vulnerabilities. Pinom.C_1 is compressed using the executable packer and its file size is 20,992 bytes. It uses the network connection: - Looks for an Internet connection.
Pinom.C_1 drops the following files on the hard drive: - C:\WINDOWS\SYSTEM32\penis.exe (20992 bytes)
- C:\WINDOWS\system.ini (39 bytes)
Pinom.C_1 makes the following additional changes to the infected computer: - Modifies profile key "shell"="Explorer.exe penis.exe" in section [boot] of file system.ini.
It creates the following mutex to ensure only one instance is running: STFUKTHX. It also monitors the list of running processes.
|