Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- September 17, 2002
- Updated:
- February 13, 2007 11:40:32 AM
- Type:
- Worm
- Systems Affected:
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
- CVE References:
- CVE-2001-0154 CAN-2001-0875
W32.Appix.Worm is a worm that attempts to spread across file-sharing networks such as KaZaA and eDonkey2000. The worm infects PHP and PHTML files by appending code that is designed to infect other PHP, PHTML, HTM, and HTML files. It also uploads the W32.Appix.Worm to a client computer that visits the infected Web site. Also, W32.Appix.Worm contains it own SMTP client engine that permits it to replicate using email. The email may arrive with the following characteristics:
Subject: test23
Attachment: Test.scr (175,112 bytes or 176,128 bytes)
Due to buggy code some of the intended features of the worm are never executed. This may result in the display of error messages.
Antivirus Protection Dates
- Initial Rapid Release version September 17, 2002
- Latest Rapid Release version September 28, 2010 revision 054
- Initial Daily Certified version September 17, 2002
- Latest Daily Certified version September 28, 2010 revision 036
- Initial Weekly Certified release date September 18, 2002
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
- Wild Level: Low
- Number of Infections: 0 - 49
- Number of Sites: 0 - 2
- Geographical Distribution: Low
- Threat Containment: Easy
- Removal: Easy
Damage
- Damage Level: Medium
Distribution
- Distribution Level: Medium
Writeup By: Serghei Sevcenco
