| Malas.A is a Worm. Worms spread from computer to computer, making copies of themselves over the network. They could spread over email, IM, peer-to-peer networks, or directly over the wire by leveraging vulnerabilities. Malas.A is compressed using the EMBEDDED executable packer and its file size is 163,840 bytes. Malas.A drops the following files on the hard drive: |
It also changes Windows registry:
- C:\WINDOWS\SYSTEM32\REGSCAN.EXE (24576 bytes)
- C:\WINDOWS\SYSTEM32\stray.exe (24576 bytes)
It also has possible backdoor functionality [someserv] port 128, is executed every time Windows starts.
- Creates value "REGSCAN"="REGSCAN.EXE" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".