Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- June 4, 2004
- Updated:
- February 13, 2007 12:24:03 PM
- Also Known As:
- Win32.Dabber.B [Computer Assoc, Net-Worm.Win32.Dabber.c [Kaspe, Exploit-DcomRpc.gen [McAfee], W32/Dabber-C [Sophos], WORM_DABBER.C [Trend Micro]
- Type:
- Worm
- Systems Affected:
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
W32.Dabber.B is a variant of W32.Dabber.A. This worm propagates by exploiting a vulnerability in the FTP server component of W32.Sasser.Worm and its variants.
W32.Dabber.B is based on available exploit code. It installs a backdoor on infected hosts and tries to listen on port 9898. If the attempt fails, W32.Dabber.B tries to listen on ports 9899 through 9999 in sequence until it finds an open port.
This threat is written in C++ and is packed with UPX.
Antivirus Protection Dates
- Initial Rapid Release version June 5, 2004
- Latest Rapid Release version September 28, 2010 revision 054
- Initial Daily Certified version June 5, 2004
- Latest Daily Certified version September 28, 2010 revision 036
- Initial Weekly Certified release date June 7, 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
- Wild Level: Low
- Number of Infections: 0 - 49
- Number of Sites: 0 - 2
- Geographical Distribution: Low
- Threat Containment: Easy
- Removal: Moderate
Damage
- Damage Level: High
Distribution
- Distribution Level: Low
Writeup By: Kevin Ha
