This is an Internet worm that spreads through e-mail by using Microsoft Outlook. This worm is Word macro-program written in VBA (the macro-language for Microsoft Office).
When an infected document is opened, the worm macro gains contorl, scans all local drives and looks for a JPG-file less than 50,000 bytes in size. The first found file is then inserted in an active document (current infected document).
For example, the “Sent Items” folder contains the following messages:
Outgoing messages (in folder “Outbox”) with a worm will appear in the following way:
An infected document contains a JPEG file that has been selected by the worm as well as a worm macro-program.
In this way, the worm sends an infected message to the first eight recipients, whose addresses have been found in the folder “Sent items”. But for all this, in many instances, the worm breaks confidential correspondence.
|Find out the statistics of the threats spreading in your region|