1. Symantec/
  2. Security Response/
  3. W32.Appix.Worm


Risk Level 1: Very Low

September 17, 2002
February 13, 2007 11:40:32 AM
Systems Affected:
CVE References:
CVE-2001-0154 CAN-2001-0875

W32.Appix.Worm is a worm that attempts to spread across file-sharing networks such as KaZaA and eDonkey2000. The worm infects PHP and PHTML files by appending code that is designed to infect other PHP, PHTML, HTM, and HTML files. It also uploads the W32.Appix.Worm to a client computer that visits the infected Web site. Also, W32.Appix.Worm contains it own SMTP client engine that permits it to replicate using email. The email may arrive with the following characteristics:
Subject: test23
Attachment: Test.scr (175,112 bytes or 176,128 bytes)

Due to buggy code some of the intended features of the worm are never executed. This may result in the display of error messages.

Antivirus Protection Dates

  • Initial Rapid Release version September 17, 2002
  • Latest Rapid Release version March 23, 2017 revision 037
  • Initial Daily Certified version September 17, 2002
  • Latest Daily Certified version March 23, 2017 revision 041
  • Initial Weekly Certified release date September 18, 2002
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Serghei Sevcenco

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube