Bagle "X" - Secunia declares Medium Risk

Discussion in 'malware problems & news' started by the mul, Jul 1, 2004.

Thread Status:
Not open for further replies.
  1. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    The Bagle series has so many variants and they developed so quickly that AV vendors all have different letter suffixes, so it's important to find the one applicable for your AV products. In further investigation, I've found even Secunia doesn't have all the variants lined up properly.

    Secunia declares Medium Risk on New Bagle "X" variant
    http://secunia.com/virus_information/8675/

    Trend Micro - Bagle.X
    http://www.trendmicro.com/vinfo/virusencyc...me=WORM_BAGLE.X

    Aliases: W32/Bagle.z@MM, w32.beagle.w@mm, W32/Bagle-W, Bagle.y

    The email it sends out has varying subjects, message bodies, and attachment file names. It uses specific user names followed by the domain of the recipient's email address to spoof the From field. It sends two attachments. One of them is a picture of a girl in .JPEG format. The other attachment is a copy of this worm with any of the following extension names: COM, CPL, EXE, HTA, SCR, VBS, ZIP

    THE mul
     
Loading...
Thread Status:
Not open for further replies.