Bagle is Back

Taimishu

Blue Belt
Joined
Mar 18, 2004
Messages
245
Reaction score
5
Location
London Croydon
Heads up received this morning .

Dear Trend Micro customer,

As of August 9, 2004 11:30 am PST, TrendLabs has declared a YELLOW alert to control the spread of WORM_BAGLE.AC. Several infection reports of this mass-mailing worm were received from the United States.

This worm is downloaded by TROJ_BAGLE.AC. Upon execution, it drops copies of itself in the Windows system folder using the following filenames:

windll.exe
windll.exeopen
windll.exeopenopen

It sends out .ZIP compressed files containing TROJ_BAGLE.AC and HTML_BAGLE.AC via email.

This PEX-compressed worm runs on Windows 95, 98, ME, NT, 2000, and XP.

TrendLabs will be releasing the following EPS deliverables:

TMCM Outbreak Prevention Policy 125
Official Pattern Release 953
Damage Cleanup Template 390

For more information on WORM_BAGLE.AC, you can visit our Web site at:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_BAGLE.AC

Contact av_query@support.trendmicro.com for inquiries and to report infections in your region.

----------------------------------------------o0o----
CRITICAL PRODUCT UPDATE!
New Pattern File Numbering Format upgrade for Trend Micro products is REQUIRED by July 2004. Click www.trendmicro.com/npf for details!

David
 

Latest Discussions

Top