Tibick.F

The Tibick.F worm spreads via peer-to-peer (P2P) network applications.

Upon execution, it drops a file named "svcnet.exe" into the Windows system folder.

The dropped file is set to run during Windows startup with the following registry key:

• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Shell API32 "svcnet.exe"

Tibick.F adds itself to the list of Windows Firewall trusted applications.

It checks for Internet connectivity by creating a connection to

http://tbc3.hanged.tk

Tibick.F also acts as a backdoor or as a bot, and listens for IRC-commands from a remote attacker.

It spreads itself via the following P2P applications:

• EMULE
• IMESH
• KAZAA
• MORPHEUS
• WAREZ

To spread itself, users of the P2P network must download the worm's file. An appealing file name encourages downloads.

The names used are:

• 321 Studios GamesXCopy 1.0.8
• 3D Slot Car Racing Game 1.0
• 3D Studio Max 6
• ABBY FineReader Pro 7.0
• acdsee 7.0.61
• ACDSee PowerPack 7.0.43
• ACDSee v7.0 Powerpack 7.0
• Acrobat Reader
• Acrobat Reader
• Ad-aware
• Ad-aware Pro
• Ad-aware Professional
• Adult Tetris 2
• After Effects PRO v6.5
• Age of Empires II The Age of Kings
• Age Of Mythology
• Age Of Mythology - The Titans
• Agnitum Outpost Firewall 2.5.369
• Ahead Nero Burning 6.6.0.3 Ultra Edition
• AlbumWrap
• AlbumWrap Extractor v1.0
• Alcohol 120% v1.9.2 build 1705
• Alias Acclaim
• All Products
• All-in-One Secretmaker
• Anti-Trojan 4.0
• AnyDVD 3.9.2.1
• AnyDVD 4.0.4.1
• AOL Instant Messenger (AIM)
• AquaZone Desktop Garden 1.0.1.1 full
• Ares Galaxy
• Ares Lite
• Ashampoo WinOptimizer Platinum Suite 2 2.01
• Avant Browser
• Babylon Pro 5x
• Backyard Baseball 2003
• Backyard Wrestling 2 - There Goes the Neighborhood
• Battlefield 1942
• Battlefield Vietnam
• Battlefield Vietnam Multiplayer Online
• Besieger DreamCatcher Interactive
• BitComet
• BitSpirit 1.2.0 RC3
• Blindwrite Suite 4.5.3
• Blinx 2 - Masters of Time & Space \x6
• Blitzkrieg - Burning Horizon
• C&C Generals
• Call Of Duty
• CCALG - Credit Card Generator
• CD to MP3 Freeware 1.5
• Chicken Invaders 2 2.60
• City of Heroes NCsoft
• Civilization III
• Classic NES Series - The Legend of Zelda
• Clone DVD 2
• CloneCD 5.x
• CloneCD All Version
• CloneDVD v1.x
• CloneDVD v3.x Retail
• CloneDVD2 v2.x
• ColdFusion MX
• Command & Conquer - Generals
• Command & Conquer - Generals Zero Hour
• Command and Conquer - Generals Zero Hour
• Contribute v2.0
• Cool Edit 2000 1.1
• CopyToDVD 3.0.3
• Corel Draw Graphics Suite 12.0
• Counter-Strike Condition Zero
• Crusader Kings Paradox Entertainment
• Cubase Audio XT 3.X
• CWShredder 2.12
• CyberLink PowerDVD v6.0 Deluxe7
• Dark Age Of Camelot - Trials Of Atlantis
• Dark Matter - The Baryon Proj
• dBpowerAmp Music Converter
• DC++ 0.668
• Deus Ex Invisible War
• DFX Audio Enhancement 2.0.1
• Diablo 2
• Dialupass 2.43
• Director 8
• DivX Player
• DivX Player (with DivX Codec)
• dMSN mercury messenger 1.7.0.6
• Doom 3
• Doom 3
• Doom 3 SDK
• Dope Wars
• Download Accelerator Plus
• Download Accelerator Plus 7.3
• Download Accelerator Plus V7.1
• Download Accelerator Plus v7.2 Premium
• Dr Divx
• Dr.Divx 1.0.6 Build 105
• Dragon Ball Z - Budokai 3
• Dragon Ball Z - Supersonic Warriors
• Dragon Warrior VIII
• Dreamweaver 4.0 Patch
• Dreamweaver MX 2004 7.0
• Dreamweaver MX v6.0
• Dreamweaver UltraDev 4.0 Patch
• DRIV3R
• Drug Wars - Underworld 1.3
• Dungeon Lords DreamCatcher Interactive
• Dungeon Siege
• DVD Decrypter 3.5.1.0
• DVD Region-Free 5.5
• DVD Shrink 3.2.0.15
• DVDXCopy Platinum 4.0.3.8
• Easy CD-DA Extractor 7.1.3.1
• Easy CD-DA Extractor 7.13.2
• eIMAGE Recovery 3.0
• eMule
• eMule 0.44b
• Enter the Matrix
• ESPN NFL 2K5 Sega
• Exe Icon Changer 3.753
• F.E.A.R.
• Fable \x6
• Far Cry
• Fifa 2005
• Final Fantasy VII - Advent Children
• Final Fantasy XI - USA
• Final Fantasy XII
• Fire Emblem - Seima no Kouseki
• Fireworks 4.0 Patch
• Flash 5
• Flash All Versions
• Flash MX v6.0
• Flash SWF-Unprotect v2.0
• FlashFXP 2 RC2
• FlashFXP All Version
• FlashFXP v1.4.1
• FlashFXP v1.4.3
• FlashFXP v2.0
• FlashFXP v2.1
• FlashFXP v2.2
• FlashGet Forgotten Realms - Demon Stone
• Flight Simulator 2004 - A Century Of Flight
• Free Internet TV 3.2
• Freedom Force
• FreeHand v10 Loader
• Front Mission 4
• FrontPage XP 2002
• FTP Server Serv-U 5.1 Coporate Edition
• Full Spectrum Warrior
• Geist GetRight 5.2
• Goblin Commander - Unleash the Horde
• Golive v6.0
• Gran Turismo 4 SCEA
• Grand Theft Auto - San Andreas
• Grand Theft Auto 3
• Grand Theft Auto III
• Grand Theft Auto San Andreas
• Grand Theft Auto Vice City
• Grokster
• GTA GX Transcoder 2.10.2350
• Gunbound Trainer
• Half-Life 2
• Half-Life 2
• Half-Life 2
• Halo - Combat Evolved - \x6
• Halo 2
• Harry Potter and the Prisoner of Azkaban Adventure
• Harry Potter and The Sorcerers Stone
• Harry Potter and the Sorcerers Stone
• HeadStrong WebClicker 2.56
• Heroes of Might and Magic IV
• Hidden and Dangerous 2
• HijackThis
• Icewind Dale 2
• ICQ 4
• ICQ Pro 2003b
• Illustrator v10.0 Time Limit
• ImageReady v1.0
• ImageSlurp 2.43
• iMesh
• Internet Download Manager 4.03
• Internet Download Manager v4.02
• IsoBuster Professional v1.7.0.0
• Jedi Academy
• JetAudio Basic
• Joint Operations - Typhoon Rising NovaLogic
• Juiced Acclaim
• Kaspersky (License
• Kaspersky Anti-Hacker v1.7
• Kazaa Download Accelerator Pro
• Kazaa Download Manager 3.0
• KaZaA Lite Plus 1.0
• Kingdom Hearts II
• K-Lite Codec Pack v2.31 Full
• K-Lite Mega Codec Pack 1.13
• Knights Apprentice Memoricks Adventures Games
• LimeWire
• LimeWire (International)
• LimeWire Download Manager 4.2.6
• LimeWire server scanner
• Longhorn Transformation Pack 8.0
• Lord of the Rings The Battle for Middle-earth 1.00
• LostGoggles
• LOTR
• Madden NFL 2003
• Madden NFL 2005 EA
• Mafia
• MagicScore maestro 3.5
• Malice Mud Duck Productions
• Mario Pinball Land Puzzle Nintendo
• Mario Tennis
• Matrix Screensaver
• Max Payne 2
• Max Payne 2 Fall Of Max Payne
• Max Payne 2 The Fall of Max Payne
• MaxPayne 2 The Fall Of Max Payne
• McAfee VirusScan 9.0
• McFarlanes Evil Prophecy
• Medal Of Honor - Allied Assault
• Medal Of Honor - Allied Assault BreakThrough
• Medal of Honor Pacific Assault
• Media Player
• Medieval - Total War
• Mega Man Anniversary Collection
• Metal Gear Acid PSP
• Metal Gear Solid 3 - Snake Eater
• Midnight Club 3 - DUB Edition
• mIRC 6.X
• Monopoly 3
• Morpheus
• Mortal Kombat 4
• Mozilla Firefox
• MP3 Doctor 5.11.15
• mp3DirectCut 1.38
• MS Office XP Activation
• MS Zoo Tycoon
• MSN advert remover
• MSN Messenger ( XP)
• MSN Toolbar
• MSN Toolbar advert remover
• MusicMatch Jukebox Plus 9.00
• MVP Baseball 2004 EA
• MyIE2
• NBA Live 2003
• NBA Live 2004
• NCAA Football 2005 EA
• Need For Speed 5 - \3
• Need for Speed Hot Pursuit 2 CDerator
• Need for Speed Underground
• Need for speed underground - nocd
• Need for Speed Underground 2
• Need for Speed Underground 2
• Need for Speed4 - NOCD
• NeedforspeedUnderground-nocd
• Nero 6 Ultra Edition
• Nero 6 Ultra Edition
• Nero 6 Ultra Edition
• Nero 6 Ultra Edition 6.6.0.1
• NERO 6.6.0.1
• Nero 6.6.0.1
• Nero 6.6.0.3 Ultra
• Nero Burning Rom 6.6.0.3
• Nero Burning Rom Reloaded 6.6.0.1
• Nero Burning ROM v6.x
• Nero Reloaded 6.6.0.1
• Nero Ultra Edition 6.6.0.1
• NetPumper
• NetPumper
• Ninja Gaiden Tecmo
• NOD32 2.12.1
• Norman Virus Control 5.70
• Norton 2004
• Norton 2004 Professional activation
• Norton 2004 Professional Edition
• Norton 2005
• norton 2005
• norton 2005
• Norton AntiSpam 2004
• norton internet security 2005
• Norton Personal Firewall 2005 retail
• nVidia nTune 2005
• Office 2000 Regmaker
• Office 2003 Pro
• Office XP Activation
• Office XP Activation Killer
• Office XP Professional
• Office XP Professional Serial
• Office XP Universal Activator v1.0
• Onimusha 3 - Demon Siege Adventure
• PageMaker v7.0
• Paris Hilton Sex-E Screensaver 1.0
• Partition Magic 8.0
• Photoshop 7
• Photoshop CS
• Photoshop CS 8
• PhotoShop CS 8.0 & ImageReady CS 8.0
• PhotoShop CS v8.0
• Photoshop Universal
• PINNACLE STUDIO PLUS V9.3
• Plus! Media Center Edition
• Pocket Tanks 1.0
• PornSnatcher 2.31
• PowerDVD v5.9 Deluxe
• Psi-Ops - The Mindgate Conspiracy Midway
• Purge Jihad Freeform Interactive LLC
• Quake 3 - The Arena
• QuickTime
• RealPlayer
• RealPlayer
• RealPlayer
• Red Dead Revolver
• RegClean 4.1a
• RegCleaner 4.30.780
• Registry Mechanic
• Registry Mechanic
• Registry Mechanic 3.0
• Resident Evil 4 GC Adventure
• Rise of Nations - Thrones and Patriots
• Risk II 1.0
• RM to MP3 Converter 1.21
• RoboForm
• RoboForm
• Roller Coaster Tycoon
• Rollercoaster Tycoon 3 3
• RollerCoaster Tycoon and Attractions
• RYL Second Life Linden Lab
• Serial Generator v2.0
• Serials 2000 v7.1 Plus (build 06.16.04)
• server 2003
• Server 2003 SP1 Build 1039-2l
• SeXstazy 3.0.2.11
• Shadow Ops - Red Mercury
• ShellShock - Nam 67
• shinoya Success
• Shockwave Player
• Silent Storm - Sentinels _No Company
• Sim City 4 - Rush Hour
• Sim City 4 Deluxe
• Sim Theme Park World
• Sims 2
• Singles - Flirt Up ur Life
• Sniff-em 1.12
• Snood
• Snood
• Snood
• Snowblind
• Soldat 1.1.4
• Soldier of Fortune II- Double Helix
• SolSuite 2004 - Solitaire Card Games Suite
• SolSuite 2004 - Solitaire Card Games Suite
• Sonic the Hedgehog 3
• Spider-Man 2
• Spider-Man 2 GC
• Sponge Bob Square Pants - Operation Krabby Patty
• Spy Sweeper 3.2 147
• Spybot - Search and Destroy
• SpyHunter
• SpyHunter
• spyware doctor
• Spyware Doctor
• Spyware Doctor
• Spyware doctor 2.1
• Spyware Doctor 2.1.0.254
• Spyware Doctor V3
• Spyware Doctor v3.0.0.288
• SpywareBlaster
• Star Wars - Jedi Knight - Jedi Academy
• Star Wars - Knights of the Old Republic
• Star Wars Galactic Battlegrounds- Clone Campaigns
• Star Wars Jedi Knight II - Jedi Outcast
• Star Wars Jedi Knight II- Jedi Outcast
• Star Wars Knights of the Old Republic II - The Sith Lords
• Starcraft - Battlechest
• Strip Poker 2004
• Super dvd Creator 7.5 7.5
• Super Mario Kamek - Magikoopa's Revenge 1.2
• Sygate Personal Firewall PRO v5.5 Build 2577
• Symantec Ghost 8.0
• Symatec System Center V9.0.0.338
• System Mechanic 5.0c
• The Chronicles of Riddick - Escape From Butcher Bay
• The Elder Scrolls III - Morrowind Game of the Year Edition Bethesda Softworks
• The Legend of Zelda - Four Swords Adventures
• The Legend of Zelda - The Minish Cap
• The Legend of Zelda (working title)
• The Lord of the Rings - The Battle for Middle-Earth
• The lord of the rings the battle for middle earth
• The Lord of the Rings The Battle for Middle-earth
• The Lord of the Rings The Return of The King
• The Sims
• The Sims - Hot Date Expansion Pack
• The Sims - Makin Magic Expansion Pack
• The Sims - Superstar Expansion Pack
• The Sims - Unleashed Expansion Pack
• The Sims - Vacation Expansion Pack
• The Sims 2
• The Sims Clock 1.0
• The Sims Deluxe
• The Sims Double Deluxe
• The Sims Vacation
• The Suffering
• The Suffering Midway
• Thief - Deadly Shadows
• Tiger Woods PGA Tour 2004
• Tom Clancys Ghost Recon - Desert Siege
• Tom Clancys Splinter Cell
• Tom Clancys Splinter Cell Pandora Tomorrow
• Tom Clancy's Splinter Cell Pandora Tomorrow
• Tony Hawks Underground
• Total Commander v6.03a PowerPack 25
• Trillian
• Trillian crasher
• Trillian Pro v3.0.950
• Tweak-XP Pro 4.0.2
• Unreal Tournament 2003
• Unreal Tournament 2004
• Unreal Tournament 2004
• Unreal Tournament 2004
• Vampire - The Masquerade - Bloodlines
• VirtualLab Data Recovery
• VirtualLab Data Recovery
• Virtuosa Phoenix Edition
• Warcraft III - Reign Of Chaos
• Warez P2P
• Webroot Spy Sweeper
• Webroot Spy Sweeper
• WebRoot Spy Sweeper 3.5.0.189
• WebSite Watcher v4.02
• Winace 2.x
• Winamp 5.03 Full
• Winamp Full
• WinDVD Platinum 5.0.26.23
• WinMX
• WinRAR
• WinRAR
• WinRAR 3.30 Corporate Ed
• WinRAR 3.x
• WinRAR All
• WinRAR v3.20 Final
• WinRAR v3.30 Final
• WinRAR v3.41 Final
• Winzip
• WinZip
• WinZip 9.x
• WinZip All
• WinZip All Versions
• WinZip Self-Extractor v2.2
• WinZip Self-Extractor v2.2 Patch
• WinZip v8.0
• WinZIP v9.0
• WinZip v9.0 Registration
• World of Warcraft
• Worms Armageddon
• WWE Day of Reckoning GC
• WWE SmackDown! vs. Raw
• XBOX X-Fer Ripper and Transfer
• XP Activation
• XP home edition Activation
• XP Pro 64-bit
• Xp Profesional Sp 2
• XP Professional
• XP Professional ( Corp key )
• XP Slipstreamer v1.0
• XP SP2
• Yahoo Messenger
• ZeroSpyware Lite
• ZipGenius
• Zone Alarm Security Suite 5.5.062
• ZoneAlarm
• ZoneAlarm
• Zoo Tycoon
• Zoo Tycoon
• Zoo Tycoon - Complete Collection
• Zoo Tycoon - Dinosaur Digs