Bagle "X" - Secunia declares Medium Risk

Discussion in 'malware problems & news' started by the mul, Jul 1, 2004.

Thread Status:
Not open for further replies.
  1. the mul

    the mul Registered Member

    Jul 31, 2003
    The Bagle series has so many variants and they developed so quickly that AV vendors all have different letter suffixes, so it's important to find the one applicable for your AV products. In further investigation, I've found even Secunia doesn't have all the variants lined up properly.

    Secunia declares Medium Risk on New Bagle "X" variant

    Trend Micro - Bagle.X

    Aliases: W32/Bagle.z@MM, w32.beagle.w@mm, W32/Bagle-W, Bagle.y

    The email it sends out has varying subjects, message bodies, and attachment file names. It uses specific user names followed by the domain of the recipient's email address to spoof the From field. It sends two attachments. One of them is a picture of a girl in .JPEG format. The other attachment is a copy of this worm with any of the following extension names: COM, CPL, EXE, HTA, SCR, VBS, ZIP

    THE mul
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.