1. Symantec/
  2. Security Response/
  3. W32.Beagle.S@mm

W32.Beagle.S@mm

Risk Level 2: Low

Discovered:
March 18, 2004
Updated:
March 18, 2004 6:25:23 PM
Systems Affected:
Windows
W32.Beagle.S@mm is a mass-mailing worm that opens a backdoor on TCP port 2556 and uses its own SMTP engine to spread through email. The worm arrives as a HTML email with no attachment, the email is designed to exploit the Microsoft Internet Explorer object type validation vulnerability (BID 8456), if successfully exploited W32.Beagle.S@mm will be downloaded from a remote site and executed without user intervention.

W32.Beagle.S@mm also attempts to spread across file-sharing networks, such as KazaA and iMesh, by dropping itself into the directories that contain "shar" in their names.

This variant also contains a file infection routine that infects portable executable files with an .exe extension.

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube