1. Symantec/
  2. Security Response/
  3. W32.HLLW.Indor.B@mm

W32.HLLW.Indor.B@mm

Discovered:
January 23, 2003
Updated:
February 13, 2007 11:50:10 AM
Type:
Worm
Systems Affected:
Windows

W32.HLLW.Indor.B@mm is a mass-mailing worm that uses Microsoft Outlook to send a zipped copy of itself to all the contacts in the Microsoft Outlook Address Book. When W32.HLLW.Indor.B@mm runs, it displays a fake message, stating "Error in file #1: bad Zip file offset (Error local header signature not found): disk #1 offset: 68669733"

W32.HLLW.Indor.B@mm can also spread through network drives, floppy disks, the KaZaA file-sharing network, and mIRC.

The email has the following characteristics:

Subject: The subject line is one of the following:
  • Your verification is required Confirm FFA submission and receive 1000 Credit
  • Your Success Is Guranteed!
  • You are Losing Income
  • WHY NOT CHECK IT OUT? IT'S FREE!
  • Free Software, Download it now !!
  • Free MP3, OGG/VORBIS Hit Songs !!
  • Download DVD Movie Now !! Its Free..!
  • URGENT: Please Verify Your Submission Confirm FFA submission !!
  • The E.A.S.E System Can Make You Money At Home!!
  • Thank You !
  • Re: Your Daily Report
  • Re: Web Site Report
  • WE send the TRAFFIC, YOU make the SALES!
  • Thank You For Your Subscription - Confirmation
  • Need a quick $100 today?
  • Confirmation Email - Required !

Attachment: The attachment, which is a zipped copy of the worm, is one of the following:
  • SaveNow.zip
  • Report.zip
  • Bonus.zip
  • FFA.zip
  • FreeJoin.zip

This threat is written in the Microsoft Visual Basic programming language and is compressed with UPX.

Antivirus Protection Dates

  • Initial Rapid Release version January 24, 2003
  • Latest Rapid Release version January 24, 2003
  • Initial Daily Certified version January 24, 2003
  • Latest Daily Certified version January 24, 2003
  • Initial Weekly Certified release date January 29, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Yana Liu

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube