Kalpana Kalpana (Editor)

Mumu (computer worm)

Updated on
Edit
Like
Comment
Share on FacebookTweet on TwitterShare on LinkedInShare on Reddit
Common name
  
Mumu

Aliases
  
Muma

Classification
  
Worm

Technical name
  
BAT/Mumu. A

Family
  
Mumu

Type
  
Windows

Mumu is a computer worm that was isolated in June 2003.

Description

Mumu consists of a mix of malicious files and actual utilities. Because of the easily customised nature of this worm, many variants have been discovered, but most are generically detected under the Mumu. A name. The lone exception is Mumu.B, which is detected separately by most antivirus programs.

The "standard" Mumu package consists of the following:

  • A range of malicious batch files
  • A number of "grey area" batch files, which use the utilities included in the Mumu package in a malicious way
  • pcGhost and/or an nVidia utility, both of which are legitimate utilities
  • Other various legitimate utilities
  • A number of text files

    • As previously mentioned, this varies by version. Mumu spreads by scanning IP addresses for open administrative network shares. It then attempts to guess the password to gain access and copy itself over.

    Heavy correlation of Mumu infections with infections of the Valla virus have been observed. It is suspected that Mumu caused a resurgence in Valla infections after Valla infected one of the .exe files included in the Mumu package. Previous to this, Valla was considered obsolete. It now ranks among the most-reported viruses on the WildList.

    References

    Mumu (computer worm) Wikipedia
    (Text) CC BY-SA