TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
VBS_BAGLE.Q
Overview
Solution

Malware type: VBScript

Aliases: Email-Worm.Win32.Bagle.p (Kaspersky), VBS/Psyme (McAfee), W32.Beagle@mm (vbs) (Symantec), TR/Psyme.I.1 (Avira), W32/Bagle-Q (Sophos), Virus:VBS/Bagle.P.gen (Microsoft)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 95, 98, ME, NT, 2000, XP

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 High

Distribution potential:

 Low

Description: 

This malicious Visual Basic script file is dropped and executed by HTML_BAGLE.Q.

It uses the Microsoft.XMLHTTP object to download the binary file HNXRKWL.JPEG form the following Web site.

    http://24.6.1<BLOCKED>.94:81/hnxrkwl.jpeg

It then runs the downloaded file, which is detected by Trend Micro as PE_BAGLE.Q-O.

It runs on Windows 95, 98, ME, NT, 2000 and XP.

For additional information about this threat, see:
Solution
Technical Details

Description created: Mar. 18, 2004 7:07:05 AM GMT -0800
Description updated: Mar. 18, 2004 7:07:20 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.