Discovered: September 12, 2003
Updated: February 13, 2007 12:07:15 PM
Also Known As: Bloodhound.W32.5
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT
W32.Patoo@mm is a mass-mailing worm that attempts to use Microsoft Outlook to email itself to all the contacts in the Address Book.
The email has the following characteristics:
Subject:
hey..
Attachment: Stop Messenger Popups
Notes:
- While the attachment name is displayed as Stop Messenger Popups, the attachment is actually the original filename of the worm (most likely Msngrblock.exe). This is accomplished by modifying the label of the attachment to deceive the recipient.
- Virus definitions dated prior to September 15, 2003 may detect this threat as Bloodhound.W32.5.
W32.Patoo@mm is written in Microsoft Visual Basic.
Protection
-
Initial Rapid Release version September 15, 2003
-
Latest Rapid Release version July 19, 2008 revision 019
-
Initial Daily Certified version September 15, 2003
-
Latest Daily Certified version January 20, 2009 revision 048
-
Initial Weekly Certified release date September 17, 2003
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 0 - 2
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Difficult
Damage
Distribution
Writeup By: Scott Gettis
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
