The Antivirus Guy Blog

Keeping people up to date with antivirus and security information

Microsoft Security Advisory (904420): Win32/Mywife.E@mm (aka Blackworm)

For even more comprehensive information on this virus go here: http://www.isc.sans.org/blackworm

Microsoft Security Advisory (904420)

Win32/Mywife.E@mm

Published: January 30, 2006

Microsoft wants to make customers aware of the Mywife mass mailing malware variant named Win32/Mywife.E@mm. The mass mailing malware tries to entice users through social engineering efforts into opening an attached file in an e-mail message. If the recipient opens the file, the malware sends itself to all the contacts that are contained in the system’s address book. The malware may also spread over writeable network shares on systems that have blank administrator passwords.

Customers who are using the most recent and updated antivirus software could be at a reduced risk of infection from the Win32/Mywife.E@mm malware. Customers should verify this with their antivirus vendor. Antivirus vendors have assigned different names to this malware but the Common Malware Enumeration (CME) group has assigned it ID CME-24.

On systems that are infected by Win32/Mywife@E.mm, the malware is intended to permanently corrupt a number of common document format files on the third day of every month. February 3, 2006 is the first time this malware is expected to permanently corrupt the content of specific document format files. The malware also modifies or deletes files and registry keys associated with certain computer security-related applications. This prevents these applications from running when Windows starts. For more information, see the Microsoft Virus Encyclopedia.

As with all currently known variants of the Mywife malware, this variant does not make use of a security vulnerability, but is dependant on the user opening an infected file attachment. The malware also attempts to scan the network looking for systems it can connect to and infect It does this in the context of the user. If it fails to connect to one of these systems, it tries again by logging on with “Administrator” as the user name together with a blank password.

Read the rest of this advisory here: Microsoft Security Advisory (904420): Win32/Mywife.E@mm.

About these ads

February 2, 2006 - Posted by | Antivirus News

2 Comments »

  1. [...] original here: Microsoft Security Advisory (904420): Win32/Mywife.E@mm (aka Blackworm) Category : [...]

    Pingback by Microsoft Security Advisory (904420): Win32/Mywife.E@mm (aka Blackworm) | Antivirus Firewall Software Reviews | November 28, 2009 | Reply

  2. [...] por sesión con “Administrador” como el nombre de usuario y una contraseña en blanco. version original aqui [...]

    Pingback by Microsoft seguridad Consultiva (904420): Win32/Mywife.E@mm (aka Blackworm) | ANTIVIRUS | February 20, 2012 | Reply


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: