Conficker
Conficker is a computer worm that utilizes both flaws in the operating system Microsoft Windows and the dictionary attack method (to gain passwords to administrative accounts/etc) while forming a botnet.
How it works:
Conficker works by integrating itself as a service on the computer, while, as well, creating its own key in the registry. It will grab the host's IP address using a number of IP finding websites, and then create a server using this IP. Using this server, the worm attempts to find other machines to infect, and sends out the URL to these machines as well. This host affects that host, another host affects this host, and so on, thus creating a botnet.
Source: sans.org
Source: conceptdraw.com