WORM_MIMAIL.C
Overview

Malware type: Worm

Aliases: W32.Mimail.C@mm, Mimail.C, Win32/Mimail.C@mm, I-Worm.Mimail.c, I-Worm/Mimail.C, Win32.HLLM.Foo, Mimail.C@mm, W32/Mimail.C.worm, Win32:MiMail-C, Worm/Mimail.C2

In the wild: Yes

Destructive: Yes

Language: English

Platform: Windows 95, 98, ME, NT, 2000, XP

Encrypted: Yes

Overall risk rating:


Reported infections:

Damage potential: High

Distribution potential: High

Description: 

This memory-resident Internet worm propagates through email using its own Simple Mail Transfer Protocol (SMTP) engine. The email arrives in the following format:

From: james@<recipient's domain name>
Subject: Re[2]: our private photos ???
Message Body:
Hello Dear!,
Finally i've found possibility to right u, my lovely girl :) All our photos which i've made at the beach (even when u're without ur bh:)) photos are great! This evening i'll come and we'll make the best SEX :)

Right now enjoy the photos.
Kiss, James.
??? (Note: ??? is a variable string)

Attachment: photos.zip
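
The message traits listed above can be checked at a mail gateway or during a mailbox sweep. The following is an added example, not Trend Micro's code; the function names, the all-three-traits threshold and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Traits taken from the description above; "???" in the subject is a variable string.
SUBJECT_RE = re.compile(r"^Re\[2\]: our private photos\b")
ATTACHMENT = "photos.zip"

def mimail_c_traits(raw):
    """Return which of the described traits (from, subject, attachment) a message has."""
    msg = message_from_string(raw)
    hits = []
    sender = parseaddr(msg.get("From", ""))[1].lower()
    local, _, domain = sender.rpartition("@")
    rcpt_domains = {a.lower().rpartition("@")[2]
                    for _, a in getaddresses(msg.get_all("To", []))}
    # The sender is forged as james@<recipient's domain name>.
    if local == "james" and domain in rcpt_domains:
        hits.append("from")
    if SUBJECT_RE.match(msg.get("Subject", "")):
        hits.append("subject")
    if any((p.get_filename() or "").lower() == ATTACHMENT for p in msg.walk()):
        hits.append("attachment")
    return hits

def is_suspect(raw):
    # Assumption: require all three traits together to keep false positives low.
    return len(mimail_c_traits(raw)) == 3

# Constructed sample messages (not captured traffic); the attachment body is a placeholder.
SAMPLE_MATCH = (
    "From: james@example.org\nTo: alice@example.org\n"
    "Subject: Re[2]: our private photos kqzvbn\n"
    'Content-Type: multipart/mixed; boundary="b1"\n\n'
    "--b1\nContent-Type: text/plain\n\nHello Dear!,\n"
    "--b1\nContent-Type: application/zip\n"
    'Content-Disposition: attachment; filename="photos.zip"\n\n'
    "placeholder\n--b1--\n"
)
SAMPLE_BENIGN = "From: james@other.example\nTo: bob@example.org\nSubject: Re[2]: our private photos\n\nhi\n"

if __name__ == "__main__":
    print(mimail_c_traits(SAMPLE_MATCH), mimail_c_traits(SAMPLE_BENIGN))
```
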

It launches a Denial of Service (DoS) attack against the following URLs:

  • www.darkprofits.com
  • www.darkprofits.net
  • darkprofits.com
  • darkprofits.net

It also steals vital system information, which is displayed on the Web browser, whenever the following e-gold Account Access page is accessed:

https://www.e-gold.com/acct/login.html

This worm runs on Windows 95, 98, ME, NT, 2000 and XP.


Description created: Oct. 31, 2003 5:58:45 AM GMT -0800
Description updated: Nov. 8, 2003 6:30:23 PM GMT -0800
