W32.Beagle.AG@mm

Risk Level 2: Low

Download Removal Tool|Printer Friendly Page|Rate this page

Discovered:: July 19, 2004
Updated:: February 13, 2007 12:25:27 PM
Also Known As:: WORM_BAGLE.AH [Trend Micro], W32/Bagle.ai@MM [McAfee], W32/Bagle-AI [Sophos], Win32.Bagle.AI [Computer Assoc, I-Worm.Bagle.ai [Kaspersky]
Type:: Worm
Systems Affected:: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

W32.Beagle.AG@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1080.

The subject line, body, and attachment name of the email vary. The attachment will have a .com, .cpl, .exe, .scr, or .zip file extension. If the file attachment is a .zip file, it will be password protected. This zip file will be detected as W32.Beagle@mm!zip.

The worm is packed with PeX.

Antivirus Protection Dates

Initial Rapid Release version July 19, 2004
Latest Rapid Release version September 28, 2010 revision 054
Initial Daily Certified version July 19, 2004
Latest Daily Certified version September 28, 2010 revision 036
Initial Weekly Certified release date July 19, 2004

Click for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

Wild Level: Low
Number of Infections: More than 1000
Number of Sites: More than 10
Geographical Distribution: Low
Threat Containment: Easy
Removal: Moderate

Damage

Damage Level: Medium

Distribution

Distribution Level: High

Technical Details

Search Threats

Search by name

Example: W32.Beagle.AG@mm

Internet Security Threat Report, Volume 16