W32.Netsky.W@mm is a minor variant of W32.Netsky.N@mm. This variant is also a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses it finds when scanning the hard drives and mapped drives.
The "sender" of the email is spoofed, and its subject, message body, and attachment vary. The attachment has .exe, .pif, or .scr as extension. The worm may also send its zipped copy as attachment.
This threat is compressed with UPX.
- The worm has an MD5 hash value of 0XE6D771C24E8DBAF9543851E893C3E304
- This threat may be detected as W32.Netsky.gen@mm with defintions prior to 4/17/2004.
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.