Discussion in 'malware problems & news' started by Marianna, Mar 18, 2004.

Thread Status:
Not open for further replies.
  1. Marianna

    Marianna Spyware Fighter

    Apr 23, 2002
    B.C. Canada
    Virus Information
    Discovery Date: 03/18/2004
    Origin: Unknown
    Length: 26,557 bytes
    Type: Virus
    SubType: E-mail worm

    Update March 18th 2004 08:25 PST --
    This threat has been deemed Low-Profiled due to media attention at the following site:
    A new variant of W32/Bagle@MM has been received.

    This variant is very similar to W32/Bagle.q@MM

    contains its own SMTP engine to construct outgoing messages
    uses a Microsoft vulnerability found in security bulletin MS03-032 to download the worm on port 81 without user running the attachment
    harvests email addresses from the victim machine
    the From: address of messages is spoofed
    contains a remote access component (notification is sent to hacker)
    copies itself to folders that have the phrase shar in the name (such as common peer-to-peer applications; KaZaa, Bearshare, Limewire, etc)
    encrypted polymorphic parasitic file infector

Thread Status:
Not open for further replies.