W32/Mydoom.f@MM

Virus Information
Discovery Date: 02/19/2004
Origin: Unknown
Length: 34,568 bytes
Type: Virus
SubType: E-mail worm

This is a mass-mailing and share-hopping worm that bears the following characteristics:

contains its own SMTP engine to construct outgoing messages
contains ability to copy itself to mapped drives
contains a backdoor component
contains a Denial of Service payload
contains payload of deleting files
The virus arrives in an email message as follows:

From: (Spoofed email sender)

Do not assume that the sender address is an indication that the sender is infected. Additionally you may receive alert messages from a mail server that you are infected, which may not be the case

Subject: (Varies, such as)

Re: Approved
Attention
Your request is being processed
(Blank)
Please read
Re: Thank You
Recent news
IMPORTANT
Please reply
Read this
Your credit card
Unknown
EXPIRED ACCOUNT
Your request was registered
automatic responder
Recent news
Readme
Bug
You have 1 day left
ApprovedNews
Read it immediately
Announcement
=P Announcement
hi, it's me
You use illegal File Sharing... Your IP was logged
Your account is about to be expired
Love is Love is...
Undeliverable message
Re:
Your order was registered
Your order is being processed
Current Status
read now!
Something for you
For your information
Information Warning
hello
hi
Body: (Varies, such as)

Read more: http://vil.nai.com/vil/content/v_101038.htm