W32/Wootbot.4F19!bdr
Analysis
W32/Wootbot.4F19!bdr - 06-04-04
General Info:
This threat is a "PE" executable file, with file size 79872
Files:
- Copies itself to: undefinedSystemRootundefined/undefinedWinDirundefined
Installation to System:
- When run, it copies itself to:
undefinedSystem Folderundefined - And creates these registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce Microsoft Explorer AutoRun = "explorer.exe" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Microsoft Explorer AutoRun = "explorer.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Microsoft Explorer AutoRun = "explorer.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Microsoft Explorer AutoRun = "explorer.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\