Discovered: July 19, 2004
Updated: February 13, 2007 12:25:27 PM
Also Known As: WORM_BAGLE.AH [Trend Micro], W32/Bagle.ai@MM [McAfee], W32/Bagle-AI [Sophos], Win32.Bagle.AI [Computer Assoc, I-Worm.Bagle.ai [Kaspersky]
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
W32.Beagle.AG@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1080.
The subject line, body, and attachment name of the email vary. The attachment will have a .com, .cpl, .exe, .scr, or .zip file extension. If the file attachment is a .zip file, it will be password protected. This zip file will be detected as
W32.Beagle@mm!zip.
The worm is packed with PeX.
Protection
-
Initial Rapid Release version July 19, 2004
-
Latest Rapid Release version October 5, 2009 revision 038
-
Initial Daily Certified version July 19, 2004
-
Latest Daily Certified version October 5, 2009 revision 040
-
Initial Weekly Certified release date July 19, 2004
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: More than 1000
-
Number of Sites: More than 10
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Moderate
Damage
Distribution
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
