W32.Korgo.E is a minor variant of W32.Korgo.D
. This worm propagates by exploiting the LSASS vulnerability on TCP port 445 (as described in Microsoft Security Bulletin MS04-011
). It also opens backdoors on TCP ports 113 and 3067.
W32.Korgo.E is compressed with UPX compressor.
Virus definitions version 60408w (extended version 4/8/2004 rev. 23) detect this threat as Bloodhound.Packed.
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.