This information from Symantec
more information from:
Sophos (aka: Cult.b)
VS Antivirus -Spanish (aka: BlueCard)
McAfee (aka: Lanet)
Panda (Cult.b)
Trend Micro
Computer Associates
CheersW32.HLLW.Cult.C@mm is an email worm that has backdoor capabilities. It uses its own SMTP engine to send itself to randomly generated recipient names at these domains:
email.com
earthlink.net
roadrunner.com
yahoo.com
msn.com
hotmail.com
The email message has the following characteristics:
Subject: Hi, I sent you an eCard from BlueMountain.com
Message:
Hi , I sent you an eCard from Blue-Mountain.com To view your eCard, open the attachment
If you have any comments or questions, please visit http:/ /www.bluemountain.com/customer/index.pd
Thanks for using BlueMountain.com.
Attachment: BlueMountaineCard.pif
This threat is compressed with ASPack.