W32.Gaobot.GL is a variant of W32.Gaobot.ADW that attempts to spread to network shares and allows access to an infected computer through an IRC channel.
The worm uses multiple vulnerabilities to spread, including the WebDav vulnerability described in Microsoft Security Bulletin MS03-007
. It also uses TCP port 80 when doing this.
W32.Gaobot.GL is compressed with ASPack and UPX.
Virus definitions released on January 22, 2004 detect this threat as W32.HLLW.Gaobot.gen.
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.