Discovered on: January 04, 2004
Last Updated on: February 04, 2004 05:22:09 PM
W32.HLLW.Gaobot.JB is a minor variant of W32.HLLW.Gaobot.BF that uses a different file name and is repacked with PECompact. It attempts to spread to network shares that have weak passwords and allows attackers to access an infected computer through an IRC channel.
The worm uses multiple vulnerabilities to spread, including:
The DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135.
The RPC locator vulnerability (described in Microsoft Security Bulletin MS03-001) using TCP port 445.
The WebDav vulnerability (described in Microsoft Security Bulletin MS03-007) using TCP port 80.
Variants: W32.HLLW.Gaobot.FB, W32.HLLW.Gaobot.gen
http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.gaobot.jb.html

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic