Encyclopedia

Panda Internet Security 2010

Panda Internet Security 2010

Full protectión for complete peace of mind on the Internet.

Nachi.A

 
Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Nachi.A
Technical name:W32/Nachi.A
Threat level:Medium
Alias:W32/Nachi.Worm, W32.Welchia.Worm, Worm_MSBLAST.D
Type:Worm
Effects:  

It exploits the RPC DCOM and WebDAV vulnerabilities in order to spread. It can uninstall the worm Blaster and delete the file carrying this worm.

Affected platforms:

Windows XP/2000/NT

Detection updated on:Jan. 2, 2004
StatisticsNo
Yes, using TruPrevent Technologies
Repair utility: Panda QuickRemover
Country of origin:CHINA

Descripción Breve 

    

Nachi.A is a worm that infects only Windows 2003/XP/2000/NT computers. Nachi.A exploits the Buffer Overrun in RPC Interface vulnerability to spread to as many computers as possible.

Nachi.A spreads by attacking remote computers and exploits the vulnerability mentioned above to download a copy of itself to the compromised computer. In order to do this, Nachi.A incorporates its own TFTP (Trivial File Transfer Protocol) server.

Nachi.A can uninstall the worm Blaster, by ending its process and deleting the file carrying the worm.

If you have a Windows 2003/XP/2000/NT computer, it is highly recommendable to download the security patch from the Microsoft website. Click here to access the web page for downloading the patch.

Moreover, Nachi.A can use another exploit known as WebDAV. More information about this vulnerability and the corresponding patch are available here.

Visible Symptoms 

    

A clear indication that Nachi.A has reached the computer is that the network traffic increases on the TCP 135 and 707 and UDP 69 ports.

Last updated:  02/01/2004 

Thanks to Collective Intelligence, Panda's exclusive cloud-computing technology, the company's 2010 solutions leverage the knowledge gathered from the community of millions of Panda users around the world. Each new file received is automatically classified within six minutes and the Collective Intelligence servers classify more than 50,000 new malware samples every day. These technologies correlate information on malware received from each computer to continuously improve the protection level for the worldwide community of users. Panda's 2010 solutions have continuous, real-time contact with this vast knowledge base allowing the company to offer users the fastest response against the new malware that appears every day.

Virus News

Help your friends against viruses: share, save and subscribe to our security content. Thank you.

Share/Bookmark

Final episode of ‘Lost’ used by hackers to spread the MySecurityEngine fake anti...

Panda Security to participate in Brazil’s CeCOS IV conference

PandaLabs’ Quarterly Report: 61% of new threats created in Q1 were Trojans

[+ News ]