|
Mimail.D virus
Another mass-mailing worm affecting Microsoft Windows operating systems.
Operating systems affected
- Windows 95
- Windows 98
- Windows ME
- Windows NT
- Windows 2000
- Windows XP
Email characteristics
Most vendors have a different version of the email, such as;
Subject: Re[2]: our private photos ???
Attachment: readnow.zip
______________
From: james@
Subject: don't be late! [random string of letters]
Message Body:
Hello Dear!,
Finally i've found possibility to right u, my lovely girl :) All our photos which i've made at the beach (even when
u're without ur bh:)) photos are great! This evening i'll come and we'll make the best SEX :)
Right now enjoy the photos.
Kiss, James.
??? (Note: ??? is a variable string)
Attachment: photos.zip
Bulletin from ACSU
------ Forwarded message ----------
Date: Mon, 3 Nov 2003 10:56:31 +1100
From: ACSU Anti-Virus Support
To: IT-Support@explode.unsw.edu.au
Subject: [IT] VIRUS ADVISORY - Mimail
Most antivirus vendors have the Mimail.C or Mimail.D virus on medium
alert. Mimail is a mass mailing worm that sends a variation of fairly
standard emails with a .zip attachment. It steals user info and does
a DoS on selected sites. Affects Windows 95, 98, ME, NT, 2000, XP.
There seem to be a few variants of the basic virus so have a look at
a few vendor sites for info.
DETECTION:
NOTE: Norton AntiVirus Definitions dated 01/11/2003 or later. Some
systems will display this date as 11/01/2003.
REMOVAL TOOL:
http://securityresponse.symantec.com/avcenter/venc/data/w32.mimail.removal.tool.html
MORE INFORMATION:
http://securityresponse.symantec.com/avcenter/venc/data/w32.mimail.d@mm.html
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIMAIL.C&VSect=T
|
