SecurityHome.eu Worm:Win32/Copali.B

Home / malware PDF

Worm:Win32/Copali.B

First posted on 17 February 2019.
Source: Microsoft
Aliases :
There are no other names known for Worm:Win32/Copali.B.
Explanation :
Installation Worm:Win32/Copali.B copies itself to c:zcsrss.exe. The malware creates the following files on your PC:
c:zdesktop.ini Spreads via… Removable drives Worm:Win32/Copali.B can create the following copies on removable drives, such as USB flash drives:

:zcsrss.exe Payload Changes system settings Worm:Win32/Copali.B hides the "Show hidden files and folders" option in the Windows Explorer Folders Options menu by making the following registry change:

Sets value: "CheckedValue"
With data: "0"
In subkey: HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL
This malware description was produced and published using automated analysis of file SHA1 123e2f1464f44ad7cbb2a99ac3fe4a6088f51346.
Last update 17 February 2019

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Worm:Win32/Copali.B