|
Description:
This non-destructive, memory-resident variant of WORM_FRETHEM.A propagates via Microsoft Outlook by sending email to all addresses listed in the infected user's Windows Address Book, and in .DBX files where Microsoft Outlook Express archives emails. It arrives as an attachment to an email message with the following:
Subject: Re: Your password!
Message Body: ATTENTION!
You can access very important information by this password
DO NOT SAVE password to disk
use your mind
now press cancel
Attachments: Decrypt-password.exe
password.txt
The file attachment, DECRYPT-PASSWORD.EXE, automatically executes when this email message is previewed or opened.
For additional information about this threat, see:
Solution
Technical Details
Description created: Jun. 11, 2002 9:51:01 PM GMT -0800
Description updated: Jun. 13, 2002 5:42:59 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
