|
|
|  |
|
|
|
|
F-Secure Malware Information Pages: Perlovga.A

|
|
|
| Radar |
 |
|
|
|
Summary
|
| Perlovga.A copies itself to the Windows folder. |
|
|
|
Detailed Description
|
Upon execution, Perlovga.a acquires the drive letter from which the file is executed. It then opens the root folder of that drive and copies itself as xcopy.exe to the %windir%\xcopy.exe.
It then copies the file host.exe from the root drive of the current drive to %windir%\svchost.exe.
It then copies autorun.inf from the rot drive of the current directory as %windir%\autorun.inf, executes the file %windir%\svchost.exe and then exits.
For more details, read about it on our blog at http://www.f-secure.com/weblog/archives/archive-012007.html#00001097 |
|
|
|
F-Secure Corporation |
|
|
|
|
|
Last Modified: February 01, 2007
|
|
|
|
|