Once Again A Virus Targets The KaZaA Network - Duload

August 22, 2002

Kaspersky Labs reports the detection of the network worm "Duload", which is spreading across the KaZaA file-exchange network. Presently Kaspersky Labs has already received several registered instances of infection in Italy. The worm itself is a Windows (PE EXE) attachment written in Visual...

Kaspersky Lab reports the detection of the network worm Duload, which is spreading across the KaZaA file-exchange network. Presently Kaspersky Lab has already received several registered instances of infection in Italy. The worm itself is a Windows (PE EXE) application written in Visual Basic. Currently two modifications of the Duload worm are known, each having a different file size:

Worm.P2P.Duload.a - 18432 bytes

Worm.P2P.Duload.b - 7680 bytes (Compressed with the UPX utility) If the infected attachment is accidentally opened "Duload" copies itself to the Windows system directory under the name "SystemConfig.exe" and modifies the system registry so that this file automatically loads each time Windows is started. Next, the Duload worm creates a folder in the Windows directory called "Media" and copies itself to this directory under 39 different names. Such as:

Pamela Anderson And Tommy Lee Home Video.exe
Alicia Silverstone Payboy Nude.exe
Kama Sutra Tetris.exe
Soldier Of Fortune 2 Mutiplayer Serial Hack.exe
The Sims Game Crack.exe
Warcraft 3 Battle.net Crack.exe "Duload" then once again modifies the system registry in order to make the "Media" folder accessible to all other KaZaA network users. One modification of the worm (Worm.P2P.Duload.a) also downloads from an Internet site several Trojan programs designed to establish the unauthorized remote management of victim computers. The defense against "Duload" has already been added to the Kaspersky Lab Anti-virus database. More detailed information regarding the Duload network worm can be found in the Kaspersky Lab Virus Encyclopedia.

Once Again A Virus Targets The KaZaA Network - Duload

Kaspersky

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Once Again A Virus Targets The KaZaA Network - Duload

Once Again A Virus Targets The KaZaA Network - Duload

About Kaspersky

Related Articles Press Releases

Dangerous Loki backdoor discovered: Kaspersky experts identify agent in Russian company cyberattacks

DIY Ransomware: novice cybercriminals bigger threat thanks to off-the-shelf code

Kaspersky identifies new APT group targeting Russian government entities

SMB cyber infections rising amid resurgence of attacks leveraging Microsoft Excel, Kaspersky reports

Every third cyber incident was due to ransomware, Kaspersky reports

Global mobile banking malware grows 32 percent in 2023

Turkey, Russia, Southeast Asia and Latin America hit by Android threats, Kaspersky identifies

‘Coyote’ ugly: Kaspersky unveils banking trojan targeting over 60 institutions

New cross-platform threats uncovered by Kaspersky

Kaspersky reveals advanced tactics in cyber espionage campaigns using MATA toolset