Worm_bagle.af (ab) - Medium Risk alert |
||
---|---|---|
#0
| ||
16.07.2004, 09:25
Member
Beiträge: 78 |
||
|
||
16.07.2004, 13:04
Member
Themenstarter Beiträge: 78 |
#2
Deutsche Infos findet ihr u. a. hier
http://www.golem.de/0407/32397.html http://www.heise.de/newsticker/meldung/49143 http://www.onlinekosten.de/news/artikel/15033 |
|
|
This worm propagates via email using a built-in mailing engine that utilizes Simple Mail Transfer Protocol (SMTP). Its email arrives spoofed and appears to have been sent from email accounts that it has gathered from the system. It uses the same gathered accounts as the target email addresses that it propagates to.
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_BAGLE.AF
W32.Beagle.AB@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1080. The email will have a variable subject and a file attachment. The attachment will have a .com, .cpl, .exe, .hta, .scr, .vbs, or .zip file extension.
The worm is packed with UPX.
http://www.symantec.com/avcenter/venc/data/w32.beagle.ab@mm.html