W32 / Francette-K is a backdoor worm and worm that is capable of attacking systems previously infected with W32 / Mydoom worms.
Virus Name: W32 / Francette-K
Worm: Depth Win32
Aliases:
Worm.Win32.Francette.l, W32 / Tumbi.worm.gen.b, W32.Francette.Worm, WORM_FRANCETTE.L
Date appeared on May 27, 2004
Describe:
- W32 / Francette-K can access computers through the DCOM RPC vulnerability. (For more information on this vulnerability, see the digital security newsletter. MS03-026 of Microsoft).
- W32 / Francette-K allows hackers to gain unauthorized access to the infected system remotely. The worm will install into the file " lol.dll "to record the keyboard operation, and then forward this information to a secret e-mail account. & nbsp;
- W32 / Francette-K can connect to an IRC server and leave a "backdoor", allowing connections through IRC channels.
- W32 / Francette-K will generate a value in the registry key so that the worm can run automatically when the computer starts up: & nbsp;
HKLMSoftwareMicrosoftWindowsCurrentVersionRunMicrosoft IIS
