Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » W32/Yaha.E@mm

Overview

Threat Risk LOW LOW
Destructivity LOW LOW
Payload Attacks security software
Detection files published 19 Jun 2002 03:00:00
Description created 09 Jul 2002 04:31:00
Description updated 26 Feb 2003 03:47:00
Malware type WORM
Alias
Spreading mechanism EMAIL
Summary None

W32/Yaha.E@mm

Spreading

This email worm sends itself to addresses found in the Windows Address Book and other sources (ICQ databases, Yahoo pager files, MSN Messenger files, HTML files) found on the hard disk.The subject, body and attachment names are composed by combining several word lists (see below).When the worm is first run, it will copy itself to the C:\RECYCLED, C:\RECYCLER or Windows directory. File name on disk will be up to six random letters.

Payload Details

The worm looks for and terminates programs with names from the word list WL13 - these programs either belongs to security products or other viruses.

Analysis

n/a

Removal

n/a


Last Updated: 12 Nov 2015 11:06:14