VBS.Biscuit.A@mm is a mass-mailing worm that sends itself as an attachment to the first 50 email addresses in the Microsoft Outlook Address Book.
The email message will have the following characteristics:
Subject:
Adsl no problem!!!
Attachments: Adsl_no_problem.pdf<184 spaces>.vbs
The worm attempts to copy itself to both the local host and reachable remote network shares. It will copy itself to the root of the network share as Netlog.vbs.
The worm will also copy the original worm filename to the following folders if it is able to copy netlog.vbs to the root of the share:
- <network share root>\Windows\Menu Avvio\Programmi\Esecuzione automatica
- <network share root>\Windows\startm~1\programs\startup
- <network share root>\Windows
- <network share root>\Windows\start menu\programs\startup
- <network share root>\Win95\start menu\programs\startup\
On the 10th of every month, VBS.Biscuit.A@mm will display a pop-up message.
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
