W32/MumaWow.e!inf

This page shows details and results of our analysis on the malware W32/MumaWow.e!inf

Overview

W32/MumaWow.e!inf is a dropper for the W32/MumaWow virus. It also downloads multiple password stealers and newer variants of W32/MumaWow family.


Minimum DAT

5324 (2008-06-24)

Updated DAT

5586 (2009-04-16)

Minimum Engine

5400.1158

File Length

~28 KiloBytes

Description Added

2008-06-24

Description Modified

2008-06-30

Malware Proliferation

Characteristics

W32/MumaWow.e!inf is a dropper for the W32/MumaWow virus. It also downloads multiple password stealers and newer variants of W32/MumaWow family.

Upon execution of W32/MumaWow.e!inf infected files it drops and executes xue.xue (W32/MumaWow) infector and downloader. For further information on W32/MumaWow infector visit the following link:
http://vil.nai.com/vil/content/v_141958.htm

Symptoms

Presence of xue.xue.

Method of Infection

This is a network aware worm and is capable of spreading through open network shares

Removal

A combination of the latest DATs and the Engine will be able to detect and remove this threat. AVERT recommends users not to trust seemingly familiar or safe file icons, particularly when received via P2P clients, IRC, email or other media where users can share files.

 

Variants