Virus

W32/Dialler

Analysis

  • Threat is 32bit with a sizes ranging between 17Kb and 20Kb
  • Threat was sent as spam and in mass-mailings in an attempt lure unsuspecting dial-up modem users to dial sex phone numbers for monetary gain
  • In some cases, the threat presents itself as an “Internet Sex Explorer” with capability to connect to websites via VPN
  • Threat may install itself into the Windows\System folder in a new folder named “windialup” as in
    C:\Windows\System\windialup\filename.exe