Home / malware Worm:Win32/Vermis.gen!lnk
First posted on 30 April 2015.
Source: MicrosoftAliases :
There are no other names known for Worm:Win32/Vermis.gen!lnk.
Explanation :
Threat behavior
Installation
Typically, this threat gets onto your PC from different malware families using .LNK or .INFfiles as entry point of execution.
.LNK is a file name extension that identifies shortcut files in Windows. .INF is a file name extension that identifies device information files, for example, those files containing scripts used to control hardware operations.
This threat is a component of the of worms, such as IRCBot, Phorpiex, Dorkbot, Caphaw, etc. Typically, the worm drops this component in the Windows Recycler
, Trash
, or removable drives.
Some examples of executable file locations:
- RECYCLER\0xD80A89C7.exe
- recycler\37e32d80.scr
- RECYCLED\e2a38afd.exe
- .Trashes\b3fdadef.com
- .Trashes\c4894f11.exe
- .Trashes\e2a38afd.pif
- .TrasheD\f9216981.exe
Spreads through...
Typically, this threat gets installed onto your PC by other worms when you visit a compromised webpage.
Symptoms
Alerts from your security software might be the only symptom.
Last update 30 April 2015
