- February 29, 2004
- March 1, 2004 4:55:42 PM
W32.Beagle.G@mm is a persistent mass-mailing worm that sends itself to all email addresses it gathers from certain files on the compromised system. The worm also opens a backdoor on the system that listens on TCP port 2745. It includes its own SMTP engine in the form of a DLL injected into the address space of explorer.exe. The worm also sends identification information to remote servers, presumably under the control of the author. It is almost identical in functionality to W32.Beagle.F@mm.