1. Symantec/
  2. Security Response/
  3. W32.Randex.AAS


Risk Level 1: Very Low

April 22, 2004
February 13, 2007 12:21:51 PM
Systems Affected:

W32.Randex.AAS is a network-aware worm, which copies itself to, as the following, to the computers that have weak administrator passwords:
  • \Admin$\system32\GT.exe
  • \c$\winnt\system32\GT.exe
The worm receives instructions from an IRC channel on a predetermined IRC server. One such command will trigger the spreading across the previously mentioned network.

The worm is written in Microsoft Visual C++ and is packed with UPX.

Antivirus Protection Dates

  • Initial Rapid Release version April 23, 2004
  • Latest Rapid Release version August 8, 2016 revision 023
  • Initial Daily Certified version April 23, 2004
  • Latest Daily Certified version August 9, 2016 revision 001
  • Initial Weekly Certified release date April 28, 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Ying Lin

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube