Name Worm.MSH.Skowor.A   Type Worm     Author sk0r/Czybik     Written in PowerShell     Description I was looking for PowerShell based malware and eventually found the POC Skowor worm. The only worm written in this language. It attempts to propagate via the Kazaa P2P network by putting a copy of [...]

read full post »

      Name Win32/Blaster/Worm (Lovsan, Lovesan)   Type Spreader, Worm     Author Unknown     Written in C     Description This worm was very active in 2003. It spreaded via an RPC vulnerability and executed a DoS attack on a specific date. It’s a well structured code, easy to read and understand. [...]

read full post »

      Name Win32/ogw0rm   Type Spreader, Worm     Author Unknown     Written in C     Description Ogw0rm is a good example how malware propagates itself via Instant Messaging apps. It checks the process list for running IM applications and propagates itself by sending messages to new victims. It shows how [...]

read full post »

      Name Win32/Rbot   Malware type RAT, Worm     Author Unknown     Written in C     Description Rbot is an IRC controlled backdoor (or “bot”) that can be used to gain unauthorized access to a victim’s machine. It can also exhibit worm-like functionality by exploiting weak passwords on administrative shares [...]

read full post »