1. /
  2. Security Response/
  3. W32.Waledac.C

W32.Waledac.C

Risk Level 1: Very Low

Discovered:
February 8, 2012
Updated:
April 17, 2013 1:56:07 PM
Also Known As:
Troj/Agent-ABGQ [Sophos], Troj/Tepfer-Q [Sophos], Troj/Backdr-IN [Sophos]
Type:
Worm
Infection Length:
883,200 bytes
Systems Affected:
Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP
W32.Waledac.C is a worm that spreads through removable drives and by sending emails that contain links to copies of itself. It also opens a back door on the compromised computer.

For more information, please see the following resource:
W32.Waledac

Antivirus Protection Dates

  • Initial Rapid Release version February 8, 2012 revision 006
  • Latest Rapid Release version February 19, 2013 revision 016
  • Initial Daily Certified version February 8, 2012 revision 019
  • Latest Daily Certified version November 28, 2012 revision 016
  • Initial Weekly Certified release date February 8, 2012
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Medium
  • Payload: Opens a back door on the compromised computer. Downloads more files.
  • Releases Confidential Info: Attempts to steal information from the computer.

Distribution

  • Distribution Level: Low
  • Target of Infection: Removable drives and links in emails.
Writeup By: Liang Yuan

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver