PE_MUSTAN.A is an infection that tends to take advantage of computer users that use weak passwords to protect their online accounts, networks and computers. PE_MUSTAN.A is designed to take advantage of weak passwords in a variety of online accounts, applications and other situations requiring the use of login credentials. PE_MUSTAN.A is linked with a worm that was observed in 2011, known as WORM_MORTO.SM. The PE_MUSTAN.A infection uses brute force tactics to try to overcome a network's protection and can quickly breach a network that is poorly protected. The PE_MUSTAN.A worm is a file infector, also known as a virus. PE_MUSTAN.A is programmed to compromise executable files with the EXE extension and will quickly spread throughout a computer. PE_MUSTAN.A avoids executable files that may cause a noticeable system crash, typically system files and applications by Microsoft such as Windows Explorer, Microsoft Outlook, Microsoft Movie Maker and Windows Live Messenger.
How the PE_MUSTAN.A Worm Spreads
Apart from infecting files in a way similar to a virus, PE_MUSTAN.A also uses worm-like tactics to spread through a network. Like the worm that was mentioned previously, the PE_MUSTAN.A infection uses Remote Desktop Protocol to gain access to other computers located on the infected machine's network. PE_MUSTAN.A uses a list of name and passwords that are typically considered weak and easy to crack to gain access to computers on the network. If these computers are using weak passwords, the PE_MUSTAN.A malware threat can then gain access to those computers and infect executable files on those computers. Apart from spreading through a network, the PE_MUSTAN.A worm also makes copies of itself on all drives detected on the infected computer, shared network folders and shared drives.
Some Additional Information About the PE_MUSTAN.A Worm
The PE_MUSTAN.A worm receives its commands from its Command and Control server using the DNS text record by receiving an encoded string that points PE_MUSTAN.A to the URLs where PE_MUSTAN.A can download additional malware. This allows the PE_MUSTAN.A worm to create a backdoor on the infected computer or to relay important information on the infected computer to a remote server. Most PE_MUSTAN.A attacks are concentrated in the Asia Pacific region. To prevent becoming infected with the PE_MUSTAN.A worm, ESG security researchers strongly advise that computer users use strong passwords with a variety of characters and considerable length.
File System Details
Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.