RSS

W32.Evaman.C@mm

Mild
Staff Writer
2004-08-03

Insider Reports RSS Feed

W32.Evaman.C@mm is a mass-mailing worm that sends HTTP Get requests to the Web site, email.people.yahoo.com, to obtain email addresses. It also retrieves the email addresses from Windows Address Book files and from the files with the extensions .adb, .asp, .cfg, .dbx, .dhtm, .eml, .htm, .html, .jse, .jsp, .mmf, .msg, .ods, .php, .pl, .sht, .shtm, .shtml, .tbb, .txt, .wab, and .xml.

W32.Evaman.C@mm uses its own SMTP engine to send itself to the email addresses that it finds.

The email will have one of these subjects:

* SN: New secure mail

* Secure delivery

* failed transaction

* Re: hello (Secure-Mail)

* Re: Extended Mail

* Delivery Status (Secure)

* Re: Server Reply

* SN: Server Status

This threat is compressed with UPX.

Find more information at Symantec.com.

About the Author:
Mild: Considered to be of moderate concern. Update all software and virus definitions. Consider it a direct threat

More threats_virus_threats Articles

Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Featured On:

article resources

WebProWorld.com

•	Get in-touch with industry experts and leaders
•	Post your site for review by expert and peers
•	Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com


Titan Quest Forum The #1 Titan Quest forum
Halo 3 Forum The best Halo, Halo 2, Halo 3 forum
Nintendo Wii Nintendo Wii news and views
Mac Software The best in OS X freeware
Graphics Forum Your source for graphic tutorials