You're in: Panda Security > Home Users > security-info > overview
Active Scan. Scan your PC free
Download Cloud Antivirus Gratis

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

Bagle.A

 
Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Bagle.A
Technical name:W32/Bagle.A.worm
Threat level:Low
Alias:W32/Bagle@MM, I-Worm.Bagle, W32.Beagle.A@mm, W32/Bagle-A, Bagle
Type:Worm
Effects:  It does not have any destructive effects. It spreads via e-mail.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:Jan. 19, 2004
Detection updated on:April 10, 2006
StatisticsNo
Proactive protection:
Yes, using TruPrevent Technologies
Repair utility:Panda QuickRemover

Brief Description 

    

Bagle.A is a worm without destructive effects that spreads via e-mail in a message with the subject Hi and an attached file with a name that consists of several random characters and has an EXE extension.

Bagle.A runs only if the system date is January 28, 2004 or previous.

Bagle.A attempts to connect to several web pages through the port 6777, in order to update itself and make an inventory of the affected users. However, these web pages have been disabled. In addition, it has code that allows it to download files from the Internet and run them on the affected computer.

Visible Symptoms 

    

Bagle.A is easy to recognize, as it reaches the computer via e-mail in a message with the subject Hi and an attached file with a name that consists of several random characters and has an EXE extension.

The attached file has the same icon as the Windows Calculator:

The first time the attached file is run, the worm runs the Windows Calculator (CALC.EXE file).