Welcome to the Virus Encyclopedia of Panda Security.
The main objective of FlySky.AH is to spread and affect other computers.
It avoids being detected by the user by using the following techniques:
- Techniques included in its code to hide its files and processes while it is active.
Means of transmission
Propagation through the exploits of remote vulnerabilities:
FlySky.AH carries out the following process:
- It spreads by attacking IP addresses obtained at random or from the network to which the infected computer belongs.
- It tries to access the IP addresses under attack by exploiting an existing vulnerability or through an open port.
- If it does this, it downloads a copy of itself onto the vulnerable computer.
Propagation via mapped drives:
FlySky.AH checks if the infected computer is connected to a network.
If so, it makes an inventory of all mapped drives and creates a copy of itself in each of them.
Propagation through shared network resources:
FlySky.AH checks if the infected computer is connected to a network. If so, it tries to spread to the shared network drives.
To do this, it tries to gain access to these shared drives, using typical or easily guessed passwords.
FlySky.AH has the following additional characteristics: