 W32.Mydoom.AF@mm - new variant |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.| Important Announcement: The winners of the BC Million Post contest have been announced. You can read who the winners are at this post. - BleepingComputer Management |
  |
  Oct 17 2004, 07:40 PM
Post
#1
|
|
 Security Reporter  Group: News Reporters Posts: 491 Joined: 10-April 04 From: Roanoke, Virginia Member No.: 107  |
W32.Mydoom.AF@mm - new variant http://www.symantec.com/avcenter/venc/data...doom.af@mm.html http://www.trendmicro.com/vinfo/virusencyc...=WORM_NETSKY.AF W32.Mydoom.AF@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses that it finds from an infected system. The worm also contains back door functionality which allows unauthorized remote access to the infected computer. The email will have a variable subject and attachment name. The attachment will have a .cpl, .pif, or .scr file extension. QUOTE FORMAT OF EMAIL MESSAGE:
From: (spoofed) Subject: is one of the following: Announcement Details Document Fw:Document Fw:Important Fw:Information Fw:Notification Fw:Warning Important Information Notification Re:Details Re:Document Re:Important Re:Information Re:Notification Re:Warning Warning readnow! Message: is one of the following: Check the attached document. Daily Report. Details are in the attached document. Important Information. Kill the writer of this document! Monthly news report. Please answer quickly!. Please confirm!. Please read the attached file!. Please see the attached file for details Please see the attached file for details. Reply See the attached file for details Waiting for a Response. Please read the attachment. here is the document. your document. followed by: +++ Attachment: No Virus found followed by one of the following: +++ Bitdefender AntiVirus - www.bitdefender.com +++ F-Secure AntiVirus - www.f-secure.com +++ Kaspersky AntiVirus - www.kaspersky.com +++ MC-Afee AntiVirus - www.mcafee.com +++ MessageLabs AntiVirus - www.messagelabs.com +++ Norman AntiVirus - www.norman.com +++ Norton AntiVirus - www.symantec.com +++ Panda AntiVirus - www.pandasoftware.com Attachment: is one of the following: archive.doc attachment.doc check.doc data.doc document.doc error.doc file.doc information.doc letter.doc list.doc message.doc msg.doc news.doc note.doc notes.doc report.doc text.doc with a second file extension of .cpl, .pif, or .scr. -------------------- |
 |
 
|
 Oct 18 2004, 02:14 AM
Post
#2
|
|
 Member Group: Members Posts: 46 Joined: 26-May 04 From: EL Abdula Oasis Member No.: 565 |
Hey harrywaldron, Thanks for the heads up.
-------------------- |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 22nd November 2008 - 09:06 AM |
© 2003-2008 All Rights Reserved Bleeping Computer LLC.