Heads Up**VBS.Bingd@mm

[Und3ertak3r]

Hi Guys..

Another Cat 2 from Symantec
Symantec Info Page

VBS.Bingd@mm

This ones entry is due to its Distribution Capability.

Threat Assesment

Wild:- Low
Damage:- Low
Distribution:- High

Wild:

Number of infections: 0 - 49
Number of sites: 0 - 2
Geographical distribution: Low
Threat containment: Easy
Removal: Easy


Damage:
Payload:
Large scale e-mailing: Sends mail to the first seven addresses in the Outlook Address book.
Degrades performance: Affects look and feel of Microsoft Internet Explorer.

Summary of Threat

VBS.Bingd@mm is a mass-mailing worm that spreads using Microsoft Outlook. It modifies the registry and sends itself to the first seven addresses in the Microsoft Outlook Address Book. It is written in Visual Basic Script.

Also Known As: Trojan.VBS.NoExp (KAV), VBS/Generic@MM (McAffee)
Type: Worm
Infection Length: 3878
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me
Systems Not Affected: Windows 3.x, Microsoft IIS, Macintosh, OS/2, UNIX, Linux

Technical Details

Sample only

Searches for Microsoft Outlook. If it is installed, the worm will send itself to the first seven entries in the address book. The subject of the email is in Chinese
()

Roughly translated, this means "Are you coming tonight?"

The body of the email is also in Chinese:



It asks the recipient to read the attached letter.

The attachment is Bingdian.vbs.

Cheers

[mark_boyle2002]

Keep up the good work Taker, One of your pre4vious warnings actually arrived here 30 minutes after your post