Bagle.AF Virus Alert

Printable View

July 16th, 2004, 04:18 AM
NeonWizard

Bagle.AF Virus Alert

As of 4:15 PM (GMT -07:00) DST, TrendLabs declared a Medium alert to control the spread of this new BAGLE variant that is spreading via email and network shares. Initial infection reports has been received from the U.S. and Canada.

This worm utilizes SMTP (Simple Mail Transfer Protocol) to propagate via email.

This worm arrives via email and network shares. Upon execution, it drops copies of itself as the following files in the Windows system folder:

sysxp.exe
sysxp.exeopen
sysxp.exeopenopen

Bagle.AF by Trendmicro

Bagle.AF Secunia Advisory
July 16th, 2004, 04:29 AM
spamdies

If thats the same one symantech is listing as bagle.ab then it is also opening port 1080 for a open relay.
July 16th, 2004, 08:27 AM
Und3ertak3r

Yes it is the one listed by SYMANTEC as W32.Beagle.AB@mm

AKA: W32/Bagle.af@MM [McAfee], WORM_BAGLE.AF [Trend]
Syatems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Status Level: 3

Distribution High
Damage: Medium
Wild: High

Link Here

http://[email protected]

Cheers