Virus Info >
Virus Threats >
W32/Zotob.B has the same functionality as W32/Zotob.A, but differs in its code which has undergone slight modifications and some key data changed, e.g. IRC server, user, password, etc.
A packed PE executable like the previous variant, W32/Zotob.B seems to have shrunk a whole 3 bytes as it is now 15.386 bytes long.
The shell code for the exploit is still designed for Windows 2000, and is only able to infect computers running this operating system
Legal notices |
CYREN ® © 1993-2014. All rights reserved.