1. /
  2. Security Response/
  3. W32.Mixor.Q@mm

W32.Mixor.Q@mm

Risk Level 2: Low

Discovered:
December 29, 2006
Updated:
February 5, 2007 8:47:29 PM
Also Known As:
W32/Dref-V [Sophos], WORM_NUWAR.BH [Trend], WORM_NUWAR.EE [Trend], Win32/Luder.U [Computer Associates], Win32/Luder.O [Computer Associates], W32/Dref-AA [Sophos], W32/Tibs [Norman], W32/Dref@MM [McAfee], W32.Dref@mm [Sunbelt Software]
Type:
Worm
Infection Length:
17,559 bytes; 47,235 bytes; 48,259 bytes; 51,310 bytes (varies)
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
W32.Mixor.Q@mm is a mass-mailing worm that drops additional malware on to the compromised computer. It may also drop a copy of Trojan.Galapoper.A (MCID 7483) or Trojan.Peacomm (MCID 9802) on to the compromised computer.

Antivirus Protection Dates

  • Initial Rapid Release version December 30, 2006
  • Latest Rapid Release version August 20, 2014 revision 032
  • Initial Daily Certified version December 30, 2006
  • Latest Daily Certified version August 20, 2014 revision 018
  • Initial Weekly Certified release date January 3, 2007
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Medium
  • Number of Infections: 1000+
  • Number of Sites: 10+
  • Geographical Distribution: Medium
  • Threat Containment: Easy
  • Removal: Moderate

Damage

  • Damage Level: Medium
  • Payload: Drops additional malware on to the compromised computer.
  • Compromises Security Settings: Ends security-related processes.

Distribution

  • Distribution Level: High
  • Subject of Email: Varies
  • Name of Attachment: Varies
Writeup By: Ka Chun Leung and Mircea Ciubotariu

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver