Select local site

| Japanese | Simplified Chinese | Traditional Chinese (Hong Kong) | Traditional Chinese (Taiwan)

F-Secure Virus Information Pages: Zusha

[Summary]

Name : Zusha
Alias:Worm.Win32.Zusha.b, TrojanDownloader.Win32.Agent.co, Trojan.Win32.Small.aq, Worm.Win32.Zusha.a
Type:Virus
Category:Virus
Platform:Win32
Radar

Summary

Zusha worm (both A and B variants) were found on September 8th,
2004. Zusha is a network worm that spreads using LSASS (MS04-011)
exploit. It also downloads and runs additional files from
the Internet. These files are downloaders, they can also kill
firewall application processes in memory and modify Windows
firewall configuration to bypass the built-in firewall. In
addition, a backdoor component is dropped and activated on
the infected systems.
Back to the Top



F-Secure Corporation

Last Modified: January 01, 2006