ExploreZip

From Wikipedia, the free encyclopedia

You have new messages (last change).

ExploreZip, also known as I-Worm.ZippedFiles, is a destructive computer worm which attacks machines running Microsoft Windows. It was first discovered in Israel on June 6, 1999.

[edit] Distribution

It is distributed in the form of an e-mail message with the words:

Hi!

I have received your email and I shall send you a reply ASAP. Till then take a look at the attached zipped docs.

Bye!

[edit] Payload

The message includes an attachment with the name ZIPPED_FILES.EXE. If opened, a dialog box appears in Windows resembling the one normally appearing when opening a corrupted Zip archive, while the worm copies itself onto the machine's hard drive, while modifying the WIN.INI file (Windows 9x) or the Windows Registry (Windows NT) so that it re-executes on reboot.

The worm looks for a copy of Microsoft Outlook to mail itself to all other people in the user's address book and also destroys Microsoft Office documents and C and C++ source files on the user's hard-drive by overwriting them with zero-byte files.

[edit] External links

Malware logo    This malware-related article is a stub. You can help Wikipedia by expanding it.
Retrieved from "http://en.wikipedia.org../../../e/x/p/ExploreZip_2804.html"