1. /
  2. Security Response/
  3. W32.Cridex


Risk Level 1: Very Low

January 20, 2012
April 5, 2012 10:04:36 AM
Infection Length:
Systems Affected:
Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP
W32.Cridex is a worm that spreads by copying itself to mapped and removable drives. It also opens a back door and downloads potentially malicious files on to the compromised computer.

Antivirus Protection Dates

  • Initial Rapid Release version January 20, 2012 revision 017
  • Latest Rapid Release version March 4, 2015 revision 032
  • Initial Daily Certified version January 21, 2012 revision 009
  • Latest Daily Certified version March 4, 2015 revision 037
  • Initial Weekly Certified release date January 25, 2012
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy


  • Damage Level: Medium
  • Payload: Opens a back door and downloads potentially malicious files.


  • Distribution Level: Medium
  • Target of Infection: Shared and removable drives.
Note: On May 14, 2015, modifications will be made to the threat write-ups to streamline the content. The Threat Assessment section will no longer be published as this section is no longer relevant to today's threat landscape. The Risk Level will continue to be the main threat risk assessment indicator.
Writeup By: Paul Mangan

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report