Threat Database Worms W32.Inabot


By JubileeX in Worms

Threat Scorecard

Ranking: 14,407
Threat Level: 80 % (High)
Infected Computers: 51
First Seen: April 24, 2013
Last Seen: July 3, 2023
OS(es) Affected: Windows

W32.Inabot is a worm that proliferates through removable drives and network shares. W32.Inabot steals information from the corrupted PC. Once run, W32.Inabot creates the malevolent file. While being active, the original executable file is deleted in order to conceals occurrence on the targeted PC. W32.Inabot then creates the registry entry so that it can load automatically whenever you start Windows. W32.Inabot then connects to one of the command-and-control (C&C) servers and opens a back door on the affected computer system. W32.Inabot gathers information from the infected computer and transmits it to the remote cybercriminal. W32.Inabot can also initiate distributed-denial-of-service (DDoS) attacks through UDP or TCP flooding.

File System Details

W32.Inabot may create the following file(s):
# File Name Detections
1. %UserProfile%\Application Data\[RANDOM CHARACTERS FILE NAME].exe

Registry Details

W32.Inabot may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"[RANDOM KEY]" = "%UserProfile%\Application Data\[RANDOM CHARACTERS FILE NAME].exe"


Most Viewed