-
Discovered:
- December 29, 2006
-
Updated:
- February 5, 2007 8:47:29 PM
-
Also Known As:
- W32/Dref-V [Sophos], WORM_NUWAR.BH [Trend], WORM_NUWAR.EE [Trend], Win32/Luder.U [Computer Associates], Win32/Luder.O [Computer Associates], W32/Dref-AA [Sophos], W32/Tibs [Norman], W32/Dref@MM [McAfee], W32.Dref@mm [Sunbelt Software]
-
Type:
- Worm
-
Infection Length:
- 17,559 bytes; 47,235 bytes; 48,259 bytes; 51,310 bytes (varies)
-
Systems Affected:
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
W32.Mixor.Q@mm is a mass-mailing worm that drops additional malware on to the compromised computer. It may also drop a copy of Trojan.Galapoper.A (MCID 7483) or Trojan.Peacomm (MCID 9802) on to the compromised computer.
Antivirus Protection Dates
-
Initial Rapid Release version December 30, 2006
-
Latest Rapid Release version May 25, 2013 revision 009
-
Initial Daily Certified version December 30, 2006
-
Latest Daily Certified version May 25, 2013 revision 006
-
Initial Weekly Certified release date January 3, 2007
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Medium
-
Number of Infections: 1000+
-
Number of Sites: 10+
-
Geographical Distribution: Medium
-
Threat Containment: Easy
-
Removal: Moderate
Damage
-
Damage Level: Medium
-
Payload: Drops additional malware on to the compromised computer.
-
Compromises Security Settings: Ends security-related processes.
Distribution
-
Distribution Level: High
-
Subject of Email: Varies
-
Name of Attachment: Varies
Writeup By: Ka Chun Leung and Mircea Ciubotariu
