name: Beagle
aka: W32.Beagle.A@mm
type: Worm
host platform: Windows
first incidence: 1/18/2004
level of incidence: High
damage capacity: High
links: Symantec - W32.Beagle.A, Symantec - W32.Beagle.B
         Symantec - W32.Beagle.C, Symantec - W32.Beagle.E,
         Symantec - W32.Beagle.F, Symantec - W32.Beagle.G,
         Symantec - W32.Beagle.H, Symantec - W32.Beagle.I,         
         Symantec - W32.Beagle.J, Symantec - W32.Beagle.K,
         Symantec - W32.Beagle.M, Symantec- W32.Beagle.N, Symantec - W32.Beagle.U
         McAfee - W32.Beagle.A, McAfee - W32.Beagle.C,
         McAfee - W32.Beagle.H,  McAfee - W32.Beagle.I,
         McAfee - W32.Beagle.J, McAfee - W32.Beagle.M,
         McAfee - W32.Beagle.M, McAfee - Beagle.U
        

look for emails with the following characteristics:
 

   From:

<Spoofed> management @ < recipient's domain > administration @ < recipient's domain > staff @ < recipient's domain > noreply @ < recipient's domain > support @ < recipient's domain >

   Subject:

Hi ID <ramdom characters>... thanks Accounts department Ahtung! Camila Daily activity report Flayers among us Freedom for everyone From Hair-cutter From me Greet the day Hardware devices price-list Hello my friend Hi! Jenny Jessica Looking for the report Maria Melissa Monthly incomings summary New Price-list Price Price list Pricelist Price-list Proclivity to servitude Registration confirmation The account The employee The summary USA government abolishes the capital punishment Weekly activity report Well... You are dismissed You really love me? he he Ello! ^_^ meay-meay! ^_^ mew-mew (-:

Aline Anna Audra Bad girl Barbi beautiful Caitie caroline ello! =)) Fotograf Gallery photos groom Hey, dude, it's me ^_^ :P Hey, ya! =)) Hi! :-) Hokki =) Jammie Juli Julie kate Katrina Kelley kleopatra Lisa Mandy Mary Mary-Anne My beautiful person My Name is Frenk My photoalbum My photos Myphotos Photoalbum rebecca Rena Sara stacy Tammy

Wau... beautiful (-: Weah, hello! :-) Weeeeee! ;))) Email account disabling warning. Email account security warning. Email account utilization warning. Important notify about your email account. Notify about using the email account. Notify about your email account utilization. Warning about your email account. Account notify Email technical support message. Email technical support warning. Email warning Email report Encrypted document Fax Message Received Forum notify Hidden message Important notify Incoming message Notify from email technical support. Protected message RE: Protected message RE: Text message Re: Document Re: Hello Re: Hi Re: Incoming Fax Re: Incoming Message Re: Msg reply Re: Thank you! Re: Thanks :) Re: Yahoo! Request response Site changes

   Message:

Yours ID <ramdom characters> Subj Request Empty Response Everything inside the attach Look it through Cya Argh, i don't like the plaintext :) Fell free to chat with me I accept all ages. Don''''t worry I don''''t bite........hope to hear from you soon! Hey people whats goin on? If there is anything you want to know about me ask me... I am pretty easygoing I won't bite....not at first anywayz hahaa.....one thing I will say on here tho I am not into the Cyber thing so don't even ask.....Ciao... Hey, guys! by the way, I have no problems with my sexual life, so it's absolutly useless try to have icq sex or things like that. Thanks Hi! My name is Shreya and I am a goof off!!! So, If you love the outdoors, travelling, books, music, movies, laffing, teasing and/or can poke fun at yourself... please come a hollerin'!! I am from Taiwan but I study in Camden, New Jersey now. I like to know people from different places . I enjoy clean conversations but am open to conversing with women and men with little ones as well. I am very open-minded. All authorization requests will be denied if I don't receive messages and get to know you first. I like to be in a company of smart, delicate, and with a good sense of humor people. I am Bulgarian, currently getting my Master's in International Business in USA. Favorite actor: Michael Dudikoff I love camping, dirt track racing, going for walks, and I have 2 cats - HotRod and Deebo (named from the movie 'Friday' and he lives up to it!). Life is ever changing, never always easy... I love meeting new people and making new friends. I am a Mary Kay Beauty Consultant. I am married to a wonderful man. We have no children, exept for a minature schnauzer that thinks he is a child. Looking forward to meeting you. i love to chat to just about anyone!! I love to dance, read poetry, make people laugh, and hug as many people a day as i can. I sit with elders of a gentle race, whose world is seldom seen.Who sit and talk of days for which they wait, when all will be revealed. These are song lyrics. If I'm online, it problably means I'm pretty bored....so feel free to message me and say hi or whatever else comes to mind at the moment. If you are going to make me cry, at least be there to wipe away the tears *Right now the worst thing for you to tell me that I can find someone better than you, especially when you are all I want I'm a social butterfly and a natural flirt. Very hard to get my complete attention. Very open and will answer almost anything. But please don't piss me off. I can be sweet and cuddly or a whatever mood I am in that day so everyday I'm an open minded person and enjoy chatting w/ other people. I'm free and willing to chat about anything. So feel free to Imed me if you wanna chat. I'm married and I stay at home. And I don't do cyber sex so leave me the fuck alone i'm tall and skiny I'm studying in Pharm. D program in FL. i like music, movie, dancing, sports, SCUBA diving, traveling and make a lot friends. Looking forward for a response :P

My hobbies include crochet, sewing, painting lead figures and playing AD&D. Favorite activities include fishing and camping. I love cats, unicorns(go figure), and fantasy in general. Nice friends, nice men, nice sex and feeling great. I don't mind the odd bout of cybersex as I love to use my imagination when I masterbate. Single Mom of 3, Full time college student, Graduate in December with an Associates of Applied Science in Computer Information Systems Love the internet. When The Trust is Gone So Is The Love That Fades Like the Rain Washing Away All The Sorrows Of Yesterday Why I Ask Myself Must It End Like This Tomorrow, I Tell Myself, I'll Be Okay For Now, I'll Just Live In The Memories Of Our Life Together You don't know what you've got till it's gone *You hurt me more than I deserve, how can you be so cruel? I love you more than you deserve, how can I be such a fool? Hey, dude, it's me ^_^ :P I don't bite, weah! The message will conclude with: btw <random string> is a password for archive You have won!!! The access is open !!! btw "<random string>" is a password for archive One of the following: Dear user of <domain>, Dear user of <domain> gateway email server, Dear user of email server "<domain>", Hello user of <domain> email server, Dear user of "<domain>" mailing system, followed by one of the following: Your email account has been temporary disabled because of unauthorized access. Our main mailing server will be temporary unavaible for next two days, to continue receiving mail in these days you have to configure our free auto-forwarding service. Your email account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. We warn you about some attacks on your email account. Your computer may contain viruses, in order to keep your computer and email account safe, please, follow the instructions. Our antivirus software has detected a large ammount of viruses outgoing from your email account, you may use our free anti-virus tool to clean up your computer software. Some of our clients complained about the spam (negative email content) outgoing from your email account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions. the management of <domain> mailing system wants to let you know that,Your email account has been temporary disabled because of unauthorized access. Our main mailing server will be temporary unavaible for next two days, to continue receiving mail in these days you have to configure our free auto-forwarding service. Our antivirus software has detected a large ammount of viruses outgoing from your email account, you may use our free anti-virus tool to clean up your computer software. Some of our clients complained about the spam (negative email content) outgoing from your email account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions. Your email account has been temporary disabled because of unauthorized access. We warn you about some attacks on your email account. Your computer may contain viruses, in order to keep your computer and email account safe, please, follow the instructions.

   Attachment:

<Random> Aline Anna Audra Bad girl Barbi Caitie caroline Gallery It_I Jammie Juli Julie kate Katrina Kelley kleopatra Lisa

Mandy Mary Mary-Anne myfotos Photoalbum Photomontage Picture rebecca Rena Sara stacy Tammy TextDocument Readme Msg Msginfo Document Info

Attachedfile Attacheddocument Text TextFile Letter MoreInfo Message Attach Information Details Encrypted Gift details first_part pub_document text_document

          with extension of:

exe scr zip

Beagle is a mass-mailing worm which has its own SMTP engine to send out itself to others. It will send out to addresses found in the address book and locally cached Internet files. The worm will install a backdoor in the infected machines allowing attackers full access to the victims' computers.

Beagle has mutated since its release.  The latest is Beagle.U. Symantec has developed removal tools for Beagle variants. For Beagle M-O, the removal tool and instructions can be found here, for other variants here.

For info on computer viruses and guidelines for avoiding them, please see http://www.greenapple.com/support/library/virus-faq.htm

If you believe you have become infected or have any questions regarding viruses, please do not hesitate to contact us. As always, as a Green Apple user you are welcome to bring in your computer for us to examine and, where possible, fix.

Home / Access / Development / Support / Hosting / Local Links / Computers
 Contact Us / Green Apple News / Jobs / Site Map / Link To Us / Policy

Lancaster-Fairfield County Chamber of Commerce, 2000 Small Business of the Year
www.greenapple.com · tel. (740) 653-9890 · toll free. (866) 653-9890
Copyright © 1995 - 2007, Green Apple, Inc.