| Name: | Nimda |
| Aliases: | Concept Virus (CV) v.5, W32.Nimda, Minda, W32.Minda, I-Worm.Nimda, Code Rainbow , PE_Nimda.A, CV-5, |
| Ports: | 25, 69, 80, 137, 138, 139, 445 |
| Files: | Readme.exe - 57,344 bytes (version A)Load.exe - Sample.exe - (version E)Mmc.exe - overwitten by wormCsrss.exe - (version E)Readme.eml - 120 bytes Puta!!.eml - (version B)Puta!!.scr - (version B)???.eml - ???.nws - Riched20.dll - (version A, the original file is overwitten by Nimda, and replaced)Admin.dll - Httpodbc.dll - (version E)Wininit.ini - Mep*.tmp.exe - (version A)Mep*.tmp - (version A) - 24,576 bytes (??) - 26,112 bytes (version Q) - 26,624 bytes (version J) - 27,136 bytes (version B) - 28,672 bytes (version C) - 844,800 bytes (version I) |
| Created: | Sep 2001 |
| Requires: | |
| Actions: | Virus / Worm / Mail trojan / Network trojan / Hacking tool |
| Registers: | HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MapMail, CacheHKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folder, Cache |
| Notes: | Works on Windows 95, 98, ME, NT, 2000 and XP, together with MS Internet Information Server (IIS), MS Internet Explorer 5.5 SP1, MS Outlook , MS Outlook Express and MS Word. |
| Country: | |
| Program: |