Malware type: Worm

Aliases: Email-Worm.Win32.Aplore (Kaspersky), W32/Aplore@MM (McAfee), VBS.Aplore@mm (Symantec), Worm/Aphex.1 (Avira), W32/Aplore-A (Sophos),

In the wild: Yes

Destructive: No

Language: English

Platform: Windows

Encrypted: Yes

Description: 

This memory-resident, UPX-compressed worm attempts to spread copies of itself via email using Microsoft Outlook, Internet Relay Chat (IRC), and AOL Instant Messenger. It sends out an email with the following details:

Subject:.
Message Body: .
Attachment: psecure20x-cgi-install.version6.0.1.bin. hx.com

In order to successfully propagate via IRC and AOL Instant Messenger, it runs as a Web server on the infected system by opening port number 8180. By designating Web server functions to the infected system, the said system practically becomes the malware's download site where other users may acquire a copy of the malware and other malicious files.

For additional information about this threat, see:
Solution
Technical Details

Description created: Apr. 8, 2002 6:31:35 AM GMT -0800
Description updated: Apr. 8, 2002 7:45:24 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.