1. /
  2. Security Response/
  3. W32.Myparty@mm

W32.Myparty@mm

Risk Level 2: Low

Discovered:
January 26, 2002
Updated:
February 13, 2007 11:57:27 AM
Also Known As:
W32/Myparty@MM [McAfee], WORM_MYPARTY.A [Trend], W32/MyParty-A [Sophos], Win32.MyParty [CA], I-Worm.Myparty [AVP]
Type:
Trojan Horse, Worm
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

W32.Myparty@mm is a mass-mailing email worm. This worm is capable of spreading itself only between January 25, 2002, and January 29, 2002. However, it remains active on infected computers after this period of time.

It has the following characteristics:

Subject: new photos from my party!
Message:
Hello!

My party... It was absolutely amazing!
I have attached my web page with new photos!
If you can please make color prints of my photos. Thanks!

Attachment: www.myparty.yahoo.com

The worm sends email to all contacts in the Windows address book and to email addresses that it finds in the Outlook Express inboxes and folders. In addition, the worm sends a message to the author so that the author can track the worm.

On Windows NT/2000/XP-based computers, the worm drops a backdoor Trojan that allows a hacker to control the system. Norton AntiVirus detects this as Backdoor.Myparty.

Finally, if the file name of the worm is Access.<any extension>, it may launch the Web browser to http:/ /www.disney.com. However, the worm does not contain code which can generate a file with the name Access.<any extension>, so it is highly unlikely that this will trigger.

Antivirus Protection Dates

  • Initial Rapid Release version January 28, 2002
  • Latest Rapid Release version August 20, 2008 revision 017
  • Initial Daily Certified version January 28, 2002
  • Latest Daily Certified version August 20, 2008 revision 016
  • Initial Weekly Certified release date January 28, 2002
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: More than 1000
  • Number of Sites: More than 10
  • Geographical Distribution: High
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Low

Distribution

  • Distribution Level: High
Writeup By: Douglas Knowles

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver