|
Name of virus: W32/Bagle.az(at)MM was updated to Medium on 28 Sept 2004 due to prevalence
Type of virus: Mass-mailing worm
Systems Affected: Windows98, Windows ME, Windows NT, Windows 2000, Windows XP, Windows 2003 Server
What does it do?
This is a mass-mailing worm with the following characteristics:
- contains its own SMTP engine to construct outgoing messages
- harvests email addresses from the victim machine
- the From: address of messages is spoofed
- contains a remote access component
- copies itself to folders that have the phrase shar in the name (such as common peer
Mail Propagation:
The details are as follows:
From : (address is spoofed) Subject :
Re:
Re: Hello
Re: Thank you!
Re: Thanks :)
Re: Hi
Body Text:
:)
:))
Attachment: (with an extension of .exe, .scr, .com or .cpl)
Price
price
Joke
Removal Instructions:
- Download Stinger utility. Click here for instructions on downloading Stinger and running Stinger.
- Run Stinger to scan and clean the incidents of the W32/Bagle.az(a)MM worm.
For our Centre users, you can contact your IT personnel for assistance. If you have any difficulties, please contact our Helpdesk on Ext 2117.
|
