Discussion in 'malware problems & news' started by FanJ, Nov 13, 2002.

Thread Status:
Not open for further replies.
  1. FanJ

    FanJ Guest


    Togod is an Internet worm spreading in the KaZaa peer-to-peer file
    sharing network. The worm replicates by copying itself into KaZaa shared

    Togod is a Windows application (PE EXE file) about 100KB in size
    (compressed by UPX, the decompressed size is about 175KB), written in

    The worm copies itself to the KaZaa directory using the following names:

    borland delphi 6 enterprise.exe
    paltalk crack.exe
    visual basics .NET.exe
    visual basics 6.exe
    visual c++.exe
    c++ compiler.exe
    anal whore getting it from 2 guys in the ass.gif.exe
    blond slut gets in every hole.gif.exe
    porno slideshow.gif.exe
    Star wars episode 2.mpg.exe
    Britney spears naked.gif.exe
    Windows XP Pro with cd key.exe
    Windows xp cd key keygen.exe
    borland software keygen.exe
    microsoft apps keygen.exe
    kiddie porn 9 year old.gif.exe
    kiddie porn 14 year old.gif.exe
    Adobe photoshop 7.exe
    Adobe Photoshop 6.exe
    Macromedia Flash 6 MX.exe
    The Matrix Reloaded MOVIE.exe
    counter strike.exe
    half life with cd key.exe
    counter strike cd key.exe
    command and conquer renegade keygen.exe
    password cracker.exe
    hotmail password stealer.exe
    aol password stealer.exe
    CloneCD Keygen.exe
    Conceal PC Firewall.exe
    Credit Card Generator.exe
    Adult Password Generator.exe
    DSL Uncapper.exe
    hacking tools 2002.exe
    Ghost Recon.exe
    ICQ hack.exe
    lesians *******.mpeg.exe
    Macromedia Flash MX.exe
    Macromedia Flash 5.exe
    Kazaa advertisement remover.exe
    Kazaa ad remover.exe
    Max Payne Full iso.exe
    Max Payne.exe
    Microsoft Visual C++ 7.0 iso.exe
    norton antivirus 2002.exe
    Nero cd burning 5.5 full.exe
    Microsoft Office XP Professional full.exe
    X Box Xbox emulator.exe
    Quake 4 beta.exe
    Norton firewall 2002.exe
    Blackice firewall.exe
    Return To Castle wolfenstein iso.exe
    Soldier Of Fortune 2 full iso.exe
    Star wars episode 2 attack of the clones.exe
    Warcraft 3 full iso.exe
    Warez finder (download and verify).exe
    XXX password stealer.exe
    ZoneAlarm pro firewall.exe
    AOL password stealer.exe
    Hotmail password stealer.exe
    Yahoo password stealer.exe
    xxx site password stealer.exe
    hackers hand book.exe
    The Togod worm then displays a fake error message:

    Error loading RCDATA
    The worm also creates a randomly named EXE file in the Windows directory where it writes the code for "Backdoor.Lithium" and executes it.

    Togod also contains the text:

    Hello to all the av's i hope to god norton doesnt detect this first... that would be sad.
    Hell yeah kaspersky!

    For more details please visit the Kaspersky Virus Encyclopedia at:
Thread Status:
Not open for further replies.