Welcome to the Virus Encyclopedia of Panda Security.
|Effects: ||Its main aim is to spread through administrative shares and infect other computers.|
|First detected on:||June 4, 2003|
|Detection updated on:||Jan. 10, 2006|
Muma is a worm that does not have any destructive effects, which spreads through administrative shares that are accessible from the affected computer.
Muma follows the routine below:
- It looks for administrative shares to copy itself to.
- With the help of its Trojan component, HackTool/IPCScan, it connects to these resources, as this Trojan steals the access password.
- When it has connected to the network, it copies all the files that this worm contains to the remote computer.
- Finally it creates a user account called admin with the password KKKKKKK and adds it to the group of administrators. By doing this, the worm will have full control over the affected computer.
Muma is difficult to recognize, as it does not display any warnings or messages that indicate that it has infected a computer.