Malware descriptions

Bagles massively spammed

Over the course of the last hours we’ve been seeing a number of new Bagles massively spammed.

They are detected as Email-Worm.Win32.Bagle.ed-eg.

As before these Bagles don’t have a functioning emailing routine.

These Bagles are likely to arrive in a .zip archive with both the archive as the executable having a random name.

Some quick info on the most common ones:(Note that filenames may vary)

File: Loader.exe – Email-Worm.Win32.Bagle.ee
MD5: 7b2f9ddebd027d54e36408c89804afdb
Size: 9728 bytes

File: t_535475.exe – Email-Worm.Win32.Bagle.ef
MD5: 8275444ac2caac4b90bfd07d0b2b17be
Size: 13312 bytes

File: text.exe – Email-Worm.Win32.Bagle.eg
MD5: 18ae7a2fa4dbbf703c3ae157f224186a
Size: 10752 bytes

Bagles massively spammed

Your email address will not be published. Required fields are marked *

 

Reports

How to catch a wild triangle

How Kaspersky researchers obtained all stages of the Operation Triangulation campaign targeting iPhones and iPads, including zero-day exploits, validators, TriangleDB implant and additional modules.

Subscribe to our weekly e-mails

The hottest research right in your inbox