Main Menu

Virus-tans?

Started by Gussy Keniji, June 30, 2007, 11:42:32 PM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Gussy Keniji

Yo, Gussy Keniji here...with a question in mind (sorta...)

...have there ever been any 'Virus-tans' out there, I'm probably askin for trouble while dabblin in this, but I'm extremely curious about this sorta thing, though I'm pretty sure there is...somewhere...anyhoo anybody got a verdict?

"Wut..."

Aurora Borealis

Yes there are. There is one created by +Nijiura+ (nijiura.com), recognizable with her blonde-brown hair in a side ponytail with a bomb-shaped hairtie and has the catchphrase of "IJIMERU!" (translated as "ABUSE!"). And the forum member infinity_zero has created the Rabbit.exe-tan, Spida-tan and MyDoom-tan (I actually don't know if they're all viruses but they're at least some form of malware-tans)

Tsubashi

Well, by technical definition only Rabbit.exe-tan can be considered a virus; the other two are worms. ^-^
Incidentally, I would have introduced them in the opposite order, for if memory serves, I believe Infinity-sama created hers before Viru-tan! ^__^
-Tsu

chuk90

Where is Norton-tan? :)

Aurora Borealis

I assume you mean the antivirus program? There's no Norton-tan but there is a Norton-kun who is represented as a perverted (and sometimes ghost-like) doctor.



Here he is trying to sneak up on OS X-tan

Icelilly

Just curious, but what is Spida and Rabbit.EXE? I know they are viruses but I've never actually heard anything about them. ^^;


Tsubashi

Well, Rabbit.exe is commonly associated with the W32/Mimail.s Virus. It was a rather low-threat virus, lacking prevalency and the maliciousness most malware possess. The virus propagated itself by harvesting email addresses from the victim's computer, typically sending E-mail like:
"Here is the file you asked for!"
Adding itself as an attachment. Upon executing within the victim's computer the following files are created.

C:\ms.hta - html
C:\WINDOWS\outlook.cfg <-- List of email addresses
C\WINDOWS\rabbit.exe <-- Virus

The following registry key is created to run the worm at startup:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\
CurrentVersion\Run "RabbitWannaHome"= %WINDIR%\rabbit.exe

Then, the virus tries to steal user's credit card information by displaying a fake Microsoft licensing window. The stolen credit card numbers are sent to email addresses found in the worm's body. The addresses are within the domains @mail15.com and @ziplip.com. The stolen information is stored in the file "C:\XX"


Data on Spida-tan, coming up! ^-^
*Continues Typing*
-Tsu

Icelilly

That's scary!!! O_____O;
I hope it doesn't happen to me!

Makes me wonder what Spida-tan does...


Tsubashi

Gomen nasai, I had to finish up some flash development for work... ^^'
Anyways, there is no reason to fear Spida-tan, unless you are a lazy Micosoft SQL server manager!

You see, the Spida worm infects Microsoft SQL servers that have a blank systems administrator account password. Basically, it will try to execute its startup script by running the "xp_cmdshell" function (an SQL call used to execute system commands within SQL queries). The main function of the Spida worm is to export an infected server's SAM password database and forward information about its network and database configuration.
The worm installs all of its files into the \Windows\system32 directory
except for services.exe, which is installed into the
\Windows\system32\drivers directory.
Files Installed:
sqlprocess.js
sqlexec.js
sqldir.js
run.js
sqlinstall.bat
clemail.exe
services.exe
pwdump2.exe
samdump.dll
timer.dll

While Spida-tan does not destroy data, it may use a high level of network traffic when she scans for new servers to infect. The scanner bundled with the worm is multi-threaded and is capable of scanning with 100 threads. A large amount of network traffic is created by the worm, which scans both internal and external IP addresses for vulnerable servers.

Added after 2 minutes:

Oh, and as a side note, both of these Viruses are outdated; the chance of you getting one is next to nil (especially if you run Mac or Linux!)
Even if you did, almost every anti-virus program is more than equipped to deal with them! ^__^
-Tsu

Icelilly

Oh, I see! ^^
How out-dated are we talking about? O_O; I have 98SE and Norton Anti-Virus 2004! It can't be that out-dated!


Tsubashi

Well, I only know Rabbit.exe-tan's approximate Birthday off the top of my head, but I think it was around 01/28/2004, so I think you will be fine ^__^

Added after 49 seconds:

I know Spida-tan is older, though, somewhere around 5/21/2002
-Tsu

Icelilly

*calms down*
Okay, I think I'll be fine ^^

Just curious again but how old is the MyDoom virus? Was that around 2000 or 2001?

EDIT: Whoo! I got my first star! ^___^
*is all proud*


Tsubashi

Well, my sources tell me it was first sighted at 8am EST on January 26, 2004. ^__^
-Tsu

Icelilly

Oh my! I'm getting all my dates mixed up! XD Where did I get 2000 from?! O_O;

Sorry, question again! ^^; Are there any designs for these viruses and others that exsist?

I hope I'm not being annoying... >_<


Gussy Keniji

I think there are only three designs so far (3 is all I've seen anyway)

I was gonna draw some myself, being virus-tans are pretty much unexplored territory in means of artwork

"Wut..."