[virusinfo] WORM_BAGLE.BE

  • From: "Mike" <mikebike@xxxxxxxxx>
  • To: virusinfo@xxxxxxxxxxxxx
  • Date: Tue, 01 Mar 2005 09:12:51 -0800

From; Trend Micro Newsletters Editor:

Dear Trend Micro customer,

As of March 1, 2005, 3:43 AM (GMT - 08:00), TrendLabs has declared a Medium
Risk Virus Alert to control the spread 

of WORM_BAGLE.BE. TrendLabs has received numerous infection reports
indicating that this malware is spreading in 

New Zealand and  Australia.

Initial analysis shows that this worm drops a copy of itself as
WINDLHHL.EXE in the Windows system folder upon 

execution. It then mass-mails copies of TROJ_BAGLE.BE, which is resposible
for downloading WORM_BAGLE.BE. The email that it sends out has the
following details:


        Subject: <blank>

        Message Body: price

        Attachment: <.ZIP copy of the TROJ_BAGLE.BE



TrendLabs will be releasing the following EPS deliverables:

TMCM Outbreak Prevention Policy 153
Official Pattern Release 2.456.00
Damage Cleanup Template 544

For more information on WORM_BAGLE.BE, you can visit our Web site at:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_BAGLE.BE

You can modify subscription settings for Trend Micro newsletters at:

http://www.trendmicro.com/subscriptions/default.asp



----------------------------------------------o0o----
IMPORTANT NOTE!
TrendLabs will also be releasing a 3-digit pattern file 990 that
corresponds with the pattern indicated in this 

email. This 3-digit pattern is a special release for users running non-NPF
compliant products (i.e., old 3-digit 

pattern format) and is designed to provide protection against the most
current malware threats. Users running 

non-NPF compliant products are still urged to apply the NPF solution 

<http://www.trendmicro.com/en/support/npf/overview.htm>. These users may
also upgrade to the latest product 

version. Only NPF-compliant products will be able to update with regular
pattern releases.



______________________________________________________________________
This message was sent by Trend Micro's Newsletters Editor using Responsys
Interact (TM).



To view our permission marketing policy:
    http://www.rsvp0.net
Copyright 1989-2004 Trend Micro, Inc.  All rights reserved
Trend Micro, Inc., 10101 N. De Anza Blvd., Suite 200, Cupertino, CA 95014

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member

Other related posts:

  • » [virusinfo] WORM_BAGLE.BE
  1. Home
  2. virusinfo
  3. Archive
  4. 03-2005