English 
Email Worm.VBS.Gedza Email-Worm.VBS.Gedza
By
Domesticus in 
Loading ...
Email-Worm.VBS.Gedza Description
Gedza is a worm virus that spreads through email, network shares, P2P file sharing programs, and IRC. Once executed, Gedza will attempt to infect Word and Excel documents on your system with a VBS macro virus. This worm is known to cause frequent crashes. This virus may also display a JPG image of Avril Lavigne. Gedza will also display annoying messages, based on date. This virus is believed to originate from Spain.
Type: Worms
Automatic Detection of Email-Worm.VBS.Gedza
Email-Worm.VBS.Gedza Technical Report
As new Email-Worm.VBS.Gedza details are reported by our customers and findings from our Threat Research Center, we will update this section.
The following Email-Worm.VBS.Gedza files with its MD5s were created in the system:
| File Name | File Size | MD5 |
|---|
| malware.exe | 272349 | 8bb9e14d6823980c5741b3f20e8b0f91 |
| VGA32.exe | 31744 | 221eab3320f2a0627ec9fa33d5253ce4 |
| malware.exe | 2333 | 220a8ef96e9eeb785c1249a7787be63e |
| malware.exe | 30720 | c53891b875772e28f3a9ce1477bebdeb |
| malware.exe | 194560 | dd6706acd11f769764b3cfbe3fb239f1 |
| MsnPlus.exe | 35840 | 57c3939773079ba41d83133ffc64a5eb |
| malware.exe | 1372 | d9ab9360b7175cd08f54015bfc2a0c6f |
| malware.exe | 157184 | ca7d31ad4bded64d85eae393174082c1 |
| svchost.exe | 41472 | eeb757591bff75495b1924c139104360 |
| malware.exe | 16384 | 68f8709582af252dcc360b1569519d7d |
| svshots.exe | 16896 | fc16f8d2b88329bb03217e7acfd82fe3 |
| malware.exe | 1201 | d9b9892f1657c65ff797f2fe9a239891 |
| malware.exe | 2268 | d7e3c803dbc2f5cdfd140d5beaafd312 |
Email-Worm.VBS.Gedza has typically the following processes in memory:
- VGA32.exe
- svshots.exe
- MsnPlus.exe
Important Article Disclaimer
This entry was posted
on 08/24/07 and is filed under Worms.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
