Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||W32/Sory.worm TROJ_TAMPONAI.A W32.HLLW.Kullan|
|Effects: ||It obtains confidential information from the affected computer and sends it out via the Internet.
|First detected on:||April 29, 2003|
|Detection updated on:||April 29, 2003|
|Yes, using TruPrevent Technologies
Sory is a dangerous worm, as it obtains confidential information from the affected computer and sends it to an Internet address.
The data sent out by Sory includes the operating system version, the CPU number, type and speed, the amount of RAM and the e-mail address of the affected user.
Similarly, Sory logs the keystrokes entered by the user of the infected computer and saves them in a file, which it also sends out. By doing this, the recipient of the message can access confidential information belonging to the user, such as the passwords for accessing certain services.
This worm only spreads across networks and through computers with an English or Turkish operating system installed.
Sory is difficult to recognize, as it does not display any warnings or messages that indicate that it has infected a computer.