Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » VBS/LoveLetter.BD@mm

Overview

Threat Risk LOW LOW
Destructivity NONE NONE
Payload
Detection files published 15 Aug 2000 03:00:00
Description created 15 Aug 2000 03:00:00
Description updated 15 Aug 2000 03:00:00
Malware type VIRUS
Alias
Spreading mechanism EMAIL
Summary None

VBS/LoveLetter.BD@mm

Spreading

This particular virus is not polymorphic and will activate whenever the scriptfile is executed/opened.

When the file is run, it will open Notepad and display an advertisement for a Knowledge Engineer in Zurich. The text is in German. VBS/LoverLetter.BD@mm will then email itself to all addresses in the address book.

Payload Details

The virus does not carry a payload, but it does try to get a password stealing trojan via ftp and run it in the background.

Analysis

n/a

Removal

VBS/LoveLetter.BD @mm as well as the dropped trojan W32/Hooker.2_4.Trojan can be detected and removed by Lumension's antivirus products. The Visual Basic Script viruses rely on the association between .VBS files and Windows Scripting Host to execute.


Last Updated: 12 Nov 2015 11:06:10