W32.Mydoom.N@mm is a variant of W32.Mydoom.M@mm. It is a mass-mailing worm that drops and executes a backdoor that is detected as Backdoor.Zincite.A
, which listens on TCP port 1034.
The worm uses its own SMTP engine to send itself to email addresses that it finds on the infected computer. The email contains a spoofed From address. The subject and body text will vary, as will the name of the attachment.
This threat is packed using ASPack.
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.