Worm_bagle.af (ab) - Medium Risk alert

#0
16.07.2004, 09:25
Member

Beiträge: 78
#1 As of 4:15 PM July 15, 2004 (GMT -07:00; Daylight Savings Time), TrendLabs has declared a Medium Risk alert to control the spread of this new BAGLE variant that is spreading via email and network shares. Infection reports have been received from the U.S. and Canada.

This worm propagates via email using a built-in mailing engine that utilizes Simple Mail Transfer Protocol (SMTP). Its email arrives spoofed and appears to have been sent from email accounts that it has gathered from the system. It uses the same gathered accounts as the target email addresses that it propagates to.

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_BAGLE.AF

W32.Beagle.AB@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1080. The email will have a variable subject and a file attachment. The attachment will have a .com, .cpl, .exe, .hta, .scr, .vbs, or .zip file extension.

The worm is packed with UPX.

http://www.symantec.com/avcenter/venc/data/w32.beagle.ab@mm.html
Seitenanfang Seitenende
16.07.2004, 13:04
Member

Themenstarter

Beiträge: 78
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: