W95.Ussrhymn

Risk Level 2: Low

Discovered:
November 9, 2000
Updated:
February 13, 2007 11:34:48 AM
Also Known As:
Win32.ZHymn.a [KAV], W95/Zhymn.a [McAfee], W32/ZHymn [Sophos], PE_USSRHYMN.A [Trend], Win32.Zombie.19986 [CA]
Type:
Virus
Systems Affected:
Windows 95, Windows 98, Windows Me

W95.Ussrhymn infects files on Windows 95/98 systems.The virus is based heavily on W95.Bistro, but does not include the features that made W95.Bistro so difficult to detect.

The virus infects Portable Executable (PE) files, and it adds an infected executable into .zip and .rar archives files. It also alters Wsock32.dll and contains support for UUEncoded files.

W95.Ussrhymn got its name from the payload, which plays an old Soviet Republic hymn on January 1st.

Antivirus Protection Dates

  • Initial Rapid Release version November 13, 2000
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version November 13, 2000
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date November 13, 2000
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Moderate

Damage

  • Damage Level: High

Distribution

  • Distribution Level: Low
Writeup By: Peter Ferrie

Search Threats

Search by name

Example: W32.Beagle.AG@mm
ThreatCon Widget
Internet Security Threat Report, Volume 16
Symantec DeepSight Screensaver