F-Secure Virus Information Pages: Zusha

Main Index

Security Guide

F-Secure World Map

Security Alerts

Virus Statistics

Malware Removal Tools

Malware Code Glossary

Submit Malware Sample

Select local site

Main Index » Security Centre » Descriptions

F-Secure Virus Information Pages: Zusha

[Summary]
Name :	Zusha
Alias:	Worm.Win32.Zusha.b, TrojanDownloader.Win32.Agent.co, Trojan.Win32.Small.aq, Worm.Win32.Zusha.a
Type:	Virus
Category:	Virus
Platform:	Win32

Radar

Summary

Zusha worm (both A and B variants) were found on September 8th,
2004. Zusha is a network worm that spreads using LSASS (MS04-011)
exploit. It also downloads and runs additional files from
the Internet. These files are downloaders, they can also kill
firewall application processes in memory and modify Windows
firewall configuration to bypass the built-in firewall. In
addition, a backdoor component is dropped and activated on
the infected systems.

Back to the Top

F-Secure Corporation

Last Modified: January 01, 2006