TROJ_BAGLE.BE - Description and solution

TROJ_BAGLE.BE

Overview

Solution

Technical Details

Malware type: Trojan

Aliases: Trojan.Tooso.B, W32/Bagle.gen@MM, Win32/Hostblock

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 95, 98, ME, NT, 2000, XP

Encrypted: No

Overall risk rating:

Reported infections:
Damage potential:		Medium
Distribution potential:		Low

Description:

This Trojan usually arrives on a system as a .ZIP compressed file attached on an email message. It attempts to download a file that is detected by Trend Micro as WORM_BAGLE.BE . A medium risk alert has been declared for this worm.

WORM_BAGLE.BE and TROJ_BAGLE.BE are very much related, due to the fact that they team up to be able to propagate. TROJ_BAGLE.BE downloads WORM_BAGLE.BE, and WORM_BAGLE.BE attaches TROJ_BAGLE.BE to the email messages it sends out.

It is capable of terminating several processes related to antivirus and security applications, as well as preventing users from accessing certain Web sites by adding entries in the system's HOSTS file. It also attempts to download and execute a specific file from several Web sites.

For additional information about this threat, see:
Solution
Technical Details

Description created: Feb. 28, 2005 7:24:26 PM GMT -0800
Description updated: Mar. 1, 2005 6:17:07 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.