A malware booty call
- Thursday, March 18, 2010, 10:47
- Threat Research
We hear so much about stealth tactics, data theft and covert ops where malware is concerned these days that we often forget about the time when it was more about how many popup windows the attacker could throw onto the screen along with a couple of dancing monkeys and a spangly toolbar.

Here, then, is something a little retro that takes a form of infection more known for stealth (Parite) and turns it into an overt rip-roaring rampage of revenge, but mostly broken computers.

Promoted as a music player based around popular cartoon Aqua Teen Hunger Force, the following file (Win32.booty.exe) should be avoided at all costs:

Shortly after running the executable, hidden files and folders start to scatter themselves liberally across the PC in both the System32 folder and the Temp directory - in this case, 10.tmp containing a file called but!.exe, thrown together with the aid of what was probably the HotFusion file binder:

From there, another folder then appears (called 12.tmp) which contains the main payload files: Worm.exe, Zombie.bat and chimes.wav.

So far, this is reasonably similar to a regular Parite infection (two folders in the temp directory, the promise of wormy action to