W32.Beagle.A@mm

Risk Level 2: Low


Discovered: January 18, 2004
Updated: February 13, 2007 12:16:16 PM
Also Known As: I-Worm.Bagle [Kaspersky], WORM_BAGLE.A [Trend], W32/Bagle-A [Sophos], W32/Bagle@MM [McAfee], Win32.Bagle.A [Computer Associ
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP


W32.Beagle.A@mm is a mass-mailing worm that accesses remote Web sites and uses its own SMTP engine to send email to any addresses it finds.

The email has the following characteristics:

Subject: Hi
Filename: <Random>.exe
Filesize: 15,872 bytes
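
A mail-gateway triage check for the three traits listed above, as an added example that is not part of the original write-up. The function names and the zero-filled sample attachment are constructed for illustration; a hit means "matches the listed traits", not a confirmed detection, so matching messages should still go to a scanner.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Traits taken from the write-up above.
SUBJECT = "Hi"
EXTENSION = ".exe"
ATTACHMENT_SIZE = 15872  # bytes, after transfer decoding


def beagle_a_traits(raw: bytes) -> list[str]:
    """Return filenames of attachments that match all three listed traits."""
    msg = message_from_bytes(raw, policy=policy.default)
    if (msg["Subject"] or "").strip() != SUBJECT:
        return []
    hits = []
    # walk() also reaches attachments nested inside inner multipart containers.
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if not name or not name.lower().endswith(EXTENSION):
            continue
        # Compare the decoded size, not the base64-inflated size on the wire.
        body = part.get_payload(decode=True) or b""
        if len(body) == ATTACHMENT_SIZE:
            hits.append(name)
    return hits


def build_sample(subject: str, filename: str, size: int) -> bytes:
    """Constructed test message; the attachment is zero bytes, not malware."""
    msg = EmailMessage()
    msg["From"] = "sender@example.test"
    msg["To"] = "rcpt@example.test"
    msg["Subject"] = subject
    msg.set_content("Test")
    msg.add_attachment(b"\x00" * size, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    print(beagle_a_traits(build_sample("Hi", "qwrtzx.exe", 15872)))
```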

The worm file has the following icon:



The worm will only work until January 28, 2004 (See Note in step 1 in the "Technical Details" section below).

Some customers have reported that Trojan.Mitglieder.C has been discovered on computers infected with W32.Beagle.A@mm.


Note: Symantec Consumer products that support Worm Blocking functionality automatically detect this threat as it attempts to spread.





The worm tries to contact the following Web sites:


Protection

  • Initial Rapid Release version January 18, 2004
  • Latest Rapid Release version October 22, 2007 revision 040
  • Initial Daily Certified version January 18, 2004
  • Latest Daily Certified version October 20, 2007 revision 006
  • Initial Weekly Certified release date January 18, 2004


Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: More than 1000
  • Number of Sites: More than 10
  • Geographical Distribution: High
  • Threat Containment: Easy
  • Removal: Moderate

Damage

  • Damage Level: Low

Distribution

  • Distribution Level: High

Writeup By: Neal Hindocha