|
 |
|
Beagle.T
|
|
|
First Report:
|
2004-03-18 13:20
|
|
Last Update:
|
2004-10-01 05:24
|
|
|
Risk Rating:
|
Low Risk
|
|
|
Aliases:
|
Bagle.T
I-Worm.Bagle.o
I-Worm.Bagle.T
PE_BAGLE.T
W32.BAGLE.T@MM
W32.BEAGLE.T@MM
W32/Bagle.T.worm
W32/Bagle.T@mm
|
|
|
|
Information From AntiVirus Vendors
|
|
|
|
|
Below you will find virus information from different antivirus vendors included in this Secunia Virus Profile. Information about the virus along with links to removal tools will be listed below when available.
The information provided is sorted by the date on which the information first became publicy available on the antivirus vendors' websites. The earliest available reports are displayed first. Please note timestamps are in GMT+1.
|
|
|
#1 - SYMANTEC
|
| |
|
|
W32.Beagle.T@mm
|
Severity:
2/5
|
File Size:
25,600 bytes
|
| |
|
|
Reported:
2004-03-18 13:20
|
Last Update:
2004-03-19 18:44
|
| |
Description:
W32.Beagle.T@mm is a variant of W32.Beagle.R@mm. This worm attempts to send an HTML email to the addresses found in the files on an infected computer. The email does not contain an attachment of the worm. Instead, the HTML email uses the Microsoft Internet Explorer Object Tag Vulnerability that allows for the automatic download and execution of a file hosted on a remote Web site. This file is a copy of the worm, but may change in the future.
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2004-03-18 21:34
|
Description was changed.
New:
"W32.Beagle.T@mm is a variant of
W32.Beagle.R@mm. This worm attempts to send
an HTML email to the addresses found in the
files on an infected computer. The email does
not contain an attachment of the worm.
Instead, the HTML email uses the Microsoft
Internet Explorer Object Tag Vulnerability
that allows for the automatic download and
execution of a file hosted on a remote Web
site. This file is a copy of the worm, but
may change in the future."
Old:
"W32.Beagle.T@mm is a variant of
W32.Beagle.O@mm. Symantec Security Response
is currently investigating this worm and will
post more information when it becomes
available."
|
| |
|
|
2004-03-18 21:34
|
File size was changed.
New:
"25,600 bytes"
Old:
"N/A"
|
|
|
|
|
|
#2 - F-SECURE
|
| |
|
|
Bagle.T
|
Severity:
-
|
File Size:
-
|
| |
|
|
Reported:
2004-03-18 13:21
|
Last Update:
2004-10-01 05:23
|
| |
Description:
Bagle.T is the fourth variant of Bagle found at March 18th, 2004. This variant is also similar to Bagle.Q.
|
| |
|
Full Report From Vendor
|
|
|
#3 - TREND MICRO
|
| |
|
|
PE_BAGLE.T
|
Severity:
1/3
|
File Size:
-
|
| |
|
|
Reported:
2004-03-18 13:26
|
Last Update:
2004-10-01 05:24
|
| |
Description:
This BAGLE variant mainly spreads by sending itself as email attachment to target addresses it gathers from the infected system. It also infects files.
|
| |
|
Full Report From Vendor
Removal Tool/Instructions
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2004-06-01 05:26
|
Description was changed.
New:
"This BAGLE variant mainly spreads by sending
itself as email attachment to target
addresses it gathers from the infected
system. It also infects files."
Old:
"Like recent BAGLE variants, this malware also
infects files. Its distinct feature is the
use of a known vulnerability to propagate."
|
| |
|
|
2004-03-18 23:46
|
Description was changed.
New:
"Like recent BAGLE variants, this malware also
infects files. Its distinct feature is the
use of a known vulnerability to propagate."
Old:
"Like recent BAGLE variants, this malware also
infects files but it employs a known
vulnerability to propagate."
|
| |
|
|
2004-03-18 17:02
|
Description was changed.
New:
"Like recent BAGLE variants, this malware also
infects files but it employs a known
vulnerability to propagate."
Old:
"TrendLabs is currently analyzing this new
variant of the BAGLE virus. Detailed
information will be posted shortly."
|
| |
|
|
2004-03-18 17:02
|
Updated information about removal tool/instructions.
|
|
|
|
|
|
#4 - PANDA ANTIVIRUS
|
| |
|
|
Bagle.T
|
Severity:
2/4
|
File Size:
-
|
| |
|
|
Reported:
2004-03-18 14:18
|
Last Update:
2004-10-01 05:23
|
| |
Description:
It infects PE files, downloads a file from the Internet and ends processes belonging to security applications.
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2004-10-01 05:23
|
Severity was raised from 1/4 to 2/4.
|
| |
|
|
2004-08-01 05:29
|
Severity was decreased from 2/4 to 1/4.
|
| |
|
|
2004-07-01 05:28
|
Severity was raised from 1/4 to 2/4.
|
| |
|
|
2004-05-01 05:25
|
Severity was decreased from 2/4 to 1/4.
|
| |
|
|
2004-04-15 23:34
|
Severity was raised from 1/4 to 2/4.
|
| |
|
|
2004-04-12 23:38
|
Severity was decreased from 2/4 to 1/4.
|
| |
|
|
2004-04-09 23:38
|
Severity was raised from 1/4 to 2/4.
|
| |
|
|
2004-04-06 23:38
|
Severity was decreased from 2/4 to 1/4.
|
| |
|
|
2004-04-05 23:38
|
Severity was raised from 1/4 to 2/4.
|
| |
|
|
2004-04-04 23:38
|
Severity was decreased from 2/4 to 1/4.
|
| |
|
|
2004-03-28 23:38
|
Severity was raised from 1/4 to 2/4.
|
| |
|
|
2004-03-27 23:38
|
Severity was decreased from 2/4 to 1/4.
|
| |
|
|
2004-03-23 23:38
|
Severity was raised from 1/4 to 2/4.
|
| |
|
|
2004-03-21 23:38
|
Severity was decreased from 2/4 to 1/4.
|
| |
|
|
2004-03-20 14:48
|
Severity was raised from 1/4 to 2/4.
|
| |
|
|
2004-03-20 11:48
|
Severity was decreased from 2/4 to 1/4.
|
| |
|
|
2004-03-19 01:33
|
Severity was raised from 1/4 to 2/4.
|
|
|
|
|
|
#5 - MCAFEE
|
| |
|
|
W32/Bagle.t@MM
|
Severity:
3/7
|
File Size:
25,600 Bytes
|
| |
|
|
Reported:
2004-03-18 14:22
|
Last Update:
2004-07-01 05:27
|
| |
Description:
This threat has been deemed Low-Profiled due to media attention at the following site: http://www.techweb.com/wire/story/TWB20040318S0009
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2004-03-18 23:32
|
Severity was raised from 2/7 to 3/7.
|
| |
|
|
2004-03-18 23:32
|
Description was changed.
New:
"This threat has been deemed Low-Profiled due
to media attention at the following site:
http://www.techweb.com/wire/story/TWB20040318
S0009"
Old:
"This variant is very similar to
W32/Bagle.q@MM"
|
| |
|
|
2004-03-18 19:17
|
Description was changed.
New:
"This variant is very similar to
W32/Bagle.q@MM"
Old:
"A new variant of W32/Bagle@MM has been
received which is detected and repaired as
W32/Bagle.t@MM with the 4340 DATs and higher
(with scanning of compressed files enabled)."
|
|
|
|
|
|
Please note: The information that this Secunia Virus Profile is based on comes from a third party unless stated otherwise.
The grouping process is done completely automatically, therefore minor inconsistencies may occur. For more information about Secunia Virus Information, please read: About Virus Information.
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
