Effects
The main objective of Harakit.D is to spread and affect other computers.
It avoids being detected by the user by using the following techniques:
- It deletes the original file from which it was run once it is installed on the computer.
- It modifies system permissions in order to hide itself.
Means of transmission
Propagation via mapped drives:
Harakit.D checks if the infected computer is connected to a network.
If so, it makes an inventory of all mapped drives and creates a copy of itself in each of them.
Propagation through shared network resources:
Harakit.D checks if the infected computer is connected to a network. If so, it tries to spread to the shared network drives.
To do this, it tries to gain access to these shared drives, using typical or easily guessed passwords.
Distribution of infected files:
Harakit.D does not spread automatically using its own means, but infects files of the following types:
They reach computers when previously infected files are distributed, entering computers through any of the usual channels: floppy disks, email messages with attachments, Internet download, files transferred via FTP, IRC channels, P2P file sharing networks, etc.
Further Details
Harakit.D has the following additional characteristics:
- It is 420388 bytes in size.