1. Symantec/
  2. Security Response/
  3. W32.Bugbear@mm

W32.Bugbear@mm

Risk Level 2: Low

Discovered:
September 30, 2002
Updated:
February 13, 2007 11:40:35 AM
Also Known As:
W32/Bugbear-A [Sophos], WORM_BUGBEAR.A [Trend], Win32.Bugbear [CA], W32/Bugbear@MM [McAfee], I-Worm.Tanatos [AVP], W32/Bugbear [Panda], Tanatos [F-Secure]
Type:
Worm
Systems Affected:
Windows
CVE References:
CVE-2001-0154


NOTE: Due to a decreased rate of submissions, Symantec Security Response has downgraded this threat from a Category 3 to a Category 2 as of October 24, 2003.

W32.Bugbear@mm is a mass-mailing worm. It can also spread through network shares. It has keystroke-logging and backdoor capabilities. The worm also attempts to terminate the processes of various antivirus and firewall programs.

Because the worm does not properly handle the network resource types, it may flood shared printer resources, which causes them to print garbage or disrupt their normal functionality.

It is written in the Microsoft Visual C++ 6 programming language and is compressed with UPX v0.76.1-1.22.

Antivirus Protection Dates

  • Initial Rapid Release version September 30, 2002
  • Latest Rapid Release version March 23, 2017 revision 037
  • Initial Daily Certified version September 30, 2002
  • Latest Daily Certified version March 23, 2017 revision 041
  • Initial Weekly Certified release date September 30, 2002
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Yana Liu

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube