1. /
  2. Security Response/
  3. W32.Beagle.M@mm

W32.Beagle.M@mm

Risk Level 2: Low

Discovered:
March 13, 2004
Updated:
March 14, 2004 9:23:56 PM
Systems Affected:
Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows 2000
W32.Beagle.M@mm is a mass-mailing worm that opens a backdoor on TCP port 2745 and uses its own SMTP engine to spread through email. It also sends the attacker the port on which the backdoor listens, as well as the IP address. The email attachment is a randomly named .exe file inside a .zip file. The embedded .exe file is password-protected with a random password.

W32.Beagle.M@mm also attempts to spread across file-sharing networks, such as Kazaa and iMesh, by dropping itself into the directories that contain "shar" in their names.

This variant also contains a file infection routine that infects portable executable files with a .exe extension.

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver