TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
WORM_PANOIL.C
Overview
Solution

Malware type: Worm

Aliases: Email-Worm.Win32.Panoil.e (Kaspersky), W32/Generic.a@MM (McAfee), W32.Panol@mm (Symantec), Worm/Panoil.E (Avira), W32/Panoil-C (Sophos), Worm:Win32/Panolis.A@mm (Microsoft)

In the wild: No

Destructive: No

Language: English

Platform: Windows 95, 98, ME, NT, 2000, XP

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 High

Distribution potential:

 High

Description: 

This memory-resident worm uses Microsoft Outlook to send copies of itself to all email addresses found in the Outlook Address Book. The email message it sends out has the following characteristics:

Subject: Contact Information
Message Body:
tries to repair the infected mail messages; removes messages in case they are unrepairable.
Attachment: Mail_Check.exe

It also drops a malicious VBScript file named PAKET.VBS in the root folder of the drive C. Detected as VBS_PANOIL.C, it contains codes to issue a Denial of Service attack against www.ttnet.tr.

This worm runs on Windows 95, 98, ME, NT, 2000, and XP.

For additional information about this threat, see:
Solution
Technical Details

Description created: Sep. 4, 2003 7:06:58 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.