Welcome to the Virus Encyclopedia of Panda Security.
It steals passwords from different services, it logs keystrokes, captures screenshots and sends this information to its author. It listens to two ports and prevents users from visiting several webs belonging to antivirus companies.
|First detected on:||May 19, 2004|
|Detection updated on:||June 21, 2004|
|Country of origin:||RUSSIA|
Dumarin.B is a worm with backdoor characteristics, that steals passwords belonging to e-mail programs, several bank operations carried out online, etc. It also logs keystrokes and checks the content of the Clipboard.
Dumarin.B listens to the TCP ports 1001 and 10000 and waits for remote control commands. By doing so, it functions as an FTP server, allows screen captures, execute files, etc.
In addition, Dumarin.B modifies the file HOSTS, thus preventing users from visiting several web sites belonging to antivirus vendors. By doing so, users can not update their antivirus programs, etc.
Dumarin.B is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.