Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- March 18, 2004
- Updated:
- March 18, 2004 8:19:16 PM
- Systems Affected:
- Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows 2000
W32.Beagle.T@mm is a mass-mailing worm that opens a backdoor on TCP port 2556 and uses its own SMTP engine to spread through email. The worm arrives as a HTML email with no attachment, the email is designed to exploit the Microsoft Internet Explorer object type validation vulnerability (BID 8456), if successfully exploited W32.Beagle.T@mm will be downloaded from a remote site and executed without user intervention.
W32.Beagle.T@mm also attempts to spread across file-sharing networks, such as KazaA and iMesh, by dropping itself into the directories that contain "shar" in their names.
This variant also contains a file infection routine that infects portable executable files with an .exe extension.
W32.Beagle.T@mm also attempts to spread across file-sharing networks, such as KazaA and iMesh, by dropping itself into the directories that contain "shar" in their names.
This variant also contains a file infection routine that infects portable executable files with an .exe extension.
