|
Description:
This worm propagates by sending itself via email and through shared network drives. It gathers target email addresses from the Windows Address Book (WAB) and .HTM files. The email that it sends out is either in English or Spanish and arrives with a random subject line:
Subject:(name of attached file)
Message Body:
ENGLISH:
Hi! How are you?
I send you this file in order to have your advice
See you later. Thanks
SPANISH:
Hola como estas ? Te mando este archivo para que me des tu punto de vista
Nos vemos pronto, gracias.
Attachment:<FNAME.EX1.EX2>
The worm the email message body can also contain the following:
ENGLISH:
I hope you like the file that I sendo you
This is the file with the information that you ask for
I hope you can help me with this file that I send
SPANISH:
Este es el archivo con la informacion que me pediste
Espero te guste este archivo que te mando
Espero me puedas ayudar con el archivo que te mando
The attachment is a copy of the worm merged with a randomly chosen file from the infected system.
This destructive worm attempts to delete all the files and folders in the infected system upon execution. However, it may not be able to delete all files in the default Windows folder since some may be in use.
For additional information about this threat, see:
Solution
Technical Details
Description created: Jul. 27, 2001 2:17:38 AM GMT -0800
Description updated: Oct. 11, 2001 4:59:55 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
