Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- July 31, 2002
- Updated:
- February 13, 2007 11:39:51 AM
- Also Known As:
- W32/Holar@MM [McAfee], W32/Holar.b@MM [McAfee], WORM_HOLAR.A [Trend], I-Worm.Holar [KAV], W32/Holar-A [Sophos], Win32.Holar [CA]
- Type:
- Worm
- Systems Affected:
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
- CVE References:
- CVE-2001-0154
W32.Holar.A@mm is a mass-mailing worm. It is written in Microsoft Visual Basic (VB) programming language and compressed with UPX.
The worm uses Microsoft Outlook or its own SMTP engine to send itself to all addresses that it finds in the Microsoft Outlook Address Book, .htm, and .html files. The email message contains no message body and has a randomly selected subject line, which is also the attachment name. The attachment has a .pif or .scr extension.
The worm also spreads using MSN Messenger, mIRC, and Network shares.
Antivirus Protection Dates
- Initial Rapid Release version July 31, 2002
- Latest Rapid Release version September 28, 2010 revision 054
- Initial Daily Certified version July 31, 2002
- Latest Daily Certified version September 28, 2010 revision 036
- Initial Weekly Certified release date July 31, 2002
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
- Wild Level: Low
- Number of Infections: 0 - 49
- Number of Sites: 0 - 2
- Geographical Distribution: Low
- Threat Containment: Easy
- Removal: Moderate
Damage
- Damage Level: Low
Distribution
- Distribution Level: High
Writeup By: Yana Liu
