|
Description:
This memory-resident worm propagates via email with the following details:
Subject: JENIFER DESNUDA\JENIFFER NAKED
Message body:
- Haz visto a Jeniffer Lopez desnuda?
- Hechale un vistazo a esta pagina
- Contraseta: 123
- Have you seen Jeniffer Lopez undressed?
- Just see this web
- Password: 123
Attachment: www.jeniferlopez.com
It displays any of the following fake error messages upon execution:
It drops a copy of itself using the file name WWW.JENIFERLOPEZ.COM in the Windows system folder.
Its file dropper uses an Outlook Express icon to trick a user into executing it. It also uses a file name with long trailing spaces between the real file extension so that the user may not notice that the said file is actually an executable and not an Outlook mail message. An example is RefusedMail.eml<spaces>.exe.
This malware is written in Visual Basic, a high-level programming language, and runs on Windows 95, 98, ME, NT, 2000, and XP.
For additional information about this threat, see:
Solution
Technical Details
Description created: Apr. 28, 2004 6:18:26 PM GMT -0800
Description updated: Apr. 29, 2004 7:06:50 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
