Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- January 7, 2006
- Updated:
- May 17, 2007 10:00:37 PM
- Type:
- Worm
- Infection Length:
- varies
- Systems Affected:
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
W32.Feebs is a detection for a family of mass-mailing worm that also spreads through file-sharing networks and lowers security settings on the compromised computer. The worm may also send confidential information to a remote attacker via FTP.
The worm variant arrives as an email attachment with an .HTA extension. Once the .HTA file is viewed, a malicious JavaScript then drops or downloads a copy of the worm executable.
The worm variant arrives as an email attachment with an .HTA extension. Once the .HTA file is viewed, a malicious JavaScript then drops or downloads a copy of the worm executable.
Antivirus Protection Dates
- Initial Rapid Release version January 8, 2006
- Latest Rapid Release version August 7, 2010 revision 032
- Initial Daily Certified version January 8, 2006
- Latest Daily Certified version August 8, 2010 revision 003
- Initial Weekly Certified release date January 11, 2006
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
- Wild Level: Medium
- Number of Infections: 50 - 999
- Number of Sites: 10+
- Geographical Distribution: Low
- Threat Containment: Easy
- Removal: Moderate
Damage
- Damage Level: Medium
- Payload: May send a copy of itself to addresses gathered from the compromised computer.
- Compromises Security Settings: May lower security settings by stopping security-related services.
Distribution
- Distribution Level: High
- Subject of Email: Varies
- Name of Attachment: Varies
- Ports: TCP 80
Writeup By: Kaoru Hayashi
