Fandom

Computer Security Wiki

Nimda

159pages on
this wiki
Add New Page
Talk0 Share
Nimda
Aliases
  • Net-Worm.Win32.Nimda (Kaspersky Lab)
  • Exploit-MIME.gen.exe (McAfee)
  • W32.Nimda.enc (Symantec)
  • Trojan.IframeExec (Doctor Web)
  • W32/Nimda-A (Sophos)
  • HTML/IFrame_Exploit* (RAV)
  • Archive Contains Infected Items (Trend Micro)
  • W32/Nimda.eml (Avira)
  • Win32:Nimda (ALWIL)
  • I-Worm/Nimda (AVG)
  • Win32.Nimda.A@mm (BitDefender)
  • W32.Nimda.eml (ClamAV)
  • Exploit/iFrame (Panda)
  • Win32/Nimda.A (Eset)
Type Worm
Affected platform/s Microsoft Windows
Nimda is a computer worm, and is also a file infector observed in the Internet on September 18, 2001. It quickly spread, eclipsing the economic damage caused by past outbreaks such as Code Red. Multiple propagation vectors allowed Nimda to become the Internet’s most widespread virus/worm within 22 minutes. Due to the release date, some media quickly began speculating a link between the virus and Al Qaeda, though this theory ended up proving unfounded.

This is a virus-worm that spreads via the Internet attached to infected e-mails, and copies itself to shared directories over a local network, and also attacks vulnerable IIS machines (Web sites). The worm itself is a Windows PE EXE file about 57Kb in length, and is written in Microsoft C++.[1]

In order to run from an infected message, the worm exploits a security breach. The worm then installs itself to the system, and runs a spreading routine and payload.

The worm contains the following "copyright" text string:

Concept Virus(CV) V.5, Copyright(C)2001 R.P.China

ReferencesEdit

External linksEdit

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.