Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- August 27, 2002
- Updated:
- February 13, 2007 11:40:10 AM
- Type:
- Worm
- Systems Affected:
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
W32.HLLW.Oror@mm is a mass-mailing worm that sends itself to all email senders that it finds in incoming messages. The worm also spreads using mIRC, network shares, and mapped drives. It will attempt to close windows and delete files of various antivirus and firewall programs.
The email message arrives with the following characteristics:
Subject: The subject line can be one of the following,
- Zdrasti..
- Ohoo!!
- Pisamce
- Liubofta e kato Rai, no moje da boli kato Ad
- TinKi WinKy!!
- HeY :)
- ZzZz :)
- Vajno!!
- Blondinkii:)
- Hi BaBy :)
- HeY..
- aBcDeFgHiJkLmNoPqRsT..
- Don't cry
- Very Important
- Miracle
- LOVE is like HEAVEN but it can hurt like HELL.
- Blondies Forever :)
- Hi!!
- WoWoWoWOWowo..
- yoOo ;)
Attachment: The attachment can be one of the following,
- Love Zodiak.exe
- TNT!CC gEN.exe
- Panda Anti-Worm.exe
- Blondies.exe
- mTV Charts.exe
- Setup.exe
- Osama Your Mamma.exe
- [TNT]!CC geN.exe
- Sorry.exe
- Magic.exe
- Love.exe
- Zodiak.exe
- mTV.exe
- Faith.exe
- Kama Sutra.exe
- Fun.exe
- Smile.exe
- Pamela.exe
- Candy.exe
Antivirus Protection Dates
- Initial Rapid Release version August 28, 2002
- Latest Rapid Release version December 8, 2010 revision 006
- Initial Daily Certified version August 28, 2002
- Latest Daily Certified version December 8, 2010 revision 036
- Initial Weekly Certified release date August 28, 2002
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
- Wild Level: Low
- Number of Infections: 0 - 49
- Number of Sites: 0 - 2
- Geographical Distribution: Low
- Threat Containment: Easy
- Removal: Easy
Damage
- Damage Level: Medium
Distribution
- Distribution Level: High
Writeup By: Yana Liu
