Threat Database Worms Mal/Emogen-I


By Domesticus in Worms

Mal/Emogen-I is a self-replicating computer worm that can circulate without a user's interruption. Once there is a file-sharing network or the network share is not protected, Mal/Emogen-I will take advantage of these situations and affect the remote computers. Mal/Emogen-I usually circulates via email attachments or instant messages. Mal/Emogen-I installs itself secretly without any signs, such as setup window or dialog box. Once installed, Mal/Emogen-I will infect system file and programs, steal user's confidential data, change system settings or drop backdoors to the PC system.

File System Details

Mal/Emogen-I may create the following file(s):
# File Name Detections
1. %Windir%\log.bat
2. %Windir%\orbit.exe
3. %Windir%\reg.exe
4. %Windir%\WindowsInstaller.dll

Registry Details

Mal/Emogen-I may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B2E2DA4E-B3CD-4D52-A074-A8063EC81BDF}


Most Viewed