About: CoolNotepad   Sponge Permalink

An Entity of Type : dbkwik:resource/uazuHg3wEfJ5Uid5iYR3Jw==, within Data Space : 134.155.108.49:8890 associated with source dataset(s)

CoolNotepad is an email worm that propagates through both Microsoft Outlook and mIRC, similar to the LoveLetter worm. The infection will start with the user receiving an infected email that may look like this: Cool Notepad Demo Hey check out this text file I sent it will do something neat in notepad. Enjoy :) COOL_NOTEPAD_DEMO.TXT.vbs As common file extensions are hidden by default, the user will simply see "COOL_NOTEPAD_DEMO.TXT", and thus believe it to be simply a text document, and thus may open it without suspecting it to be malicious.

AttributesValues
rdf:type
rdfs:label
  • CoolNotepad
rdfs:comment
  • CoolNotepad is an email worm that propagates through both Microsoft Outlook and mIRC, similar to the LoveLetter worm. The infection will start with the user receiving an infected email that may look like this: Cool Notepad Demo Hey check out this text file I sent it will do something neat in notepad. Enjoy :) COOL_NOTEPAD_DEMO.TXT.vbs As common file extensions are hidden by default, the user will simply see "COOL_NOTEPAD_DEMO.TXT", and thus believe it to be simply a text document, and thus may open it without suspecting it to be malicious.
dcterms:subject
dbkwik:malware/pro...iPageUsesTemplate
Platform
  • Microsoft Windows
Name
  • CoolNotepad
Type
  • Worm
filetype
  • VBS
AKA
  • Email-Worm.VBS.CoolNotepad
abstract
  • CoolNotepad is an email worm that propagates through both Microsoft Outlook and mIRC, similar to the LoveLetter worm. The infection will start with the user receiving an infected email that may look like this: Cool Notepad Demo Hey check out this text file I sent it will do something neat in notepad. Enjoy :) COOL_NOTEPAD_DEMO.TXT.vbs As common file extensions are hidden by default, the user will simply see "COOL_NOTEPAD_DEMO.TXT", and thus believe it to be simply a text document, and thus may open it without suspecting it to be malicious. The worm, like many others, will search for contacts in Outlook's address book, sending copies of the email above with the worm attached. It can also spread through IRC, infecting channels which will attempt to send the file to users who attempt to join it. The worm will add itself to the system registry such that it executes on startup: HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun It will also edit the registry such that all shortcuts on the desktop are hidden: HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer NoDesktop = 1
Alternative Linked Data Views: ODE     Raw Data in: CXML | CSV | RDF ( N-Triples N3/Turtle JSON XML ) | OData ( Atom JSON ) | Microdata ( JSON HTML) | JSON-LD    About   
This material is Open Knowledge   W3C Semantic Web Technology [RDF Data] Valid XHTML + RDFa
OpenLink Virtuoso version 07.20.3217, on Linux (x86_64-pc-linux-gnu), Standard Edition
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2012 OpenLink Software