Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Bagle.U

 
Threat LevelHigh threatDamageHighDistributionModerately widespread
Common name:Bagle.U
Technical name:W32/Bagle.U.worm
Threat level:High
Type:Worm
Effects:  

It creates a backdoor that opens TCP port 4751, and notifies its author that the computer can be accessed through it. It opens the Windows game Hearts, if it is installed. It stops functioning after January 1, 2005.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:March 26, 2004
Detection updated on:June 15, 2006
StatisticsNo
Proactive protection:
Yes, using TruPrevent Technologies
Repair utility:Panda QuickRemover

Brief Description 

    

Bagle.U is a worm that spreads via e-mail in a message with no subject and no body, and an attached file with a variable file name, but which always has an EXE extension.

Bagle.U contains a backdoor, which opens the TCP port 4751. It attempts to connect to a web page that hosts a PHP script. By doing this, Bagle.U notifies its author that the affected computer can be accessed through the port mentioned above.

Once it is run, Bagle.U opens the Windows game Hearts, if it is installed in the affected computer. This game is usually installed with Windows operating systems.

This worm only runs if the system date is January 1, 2005 or previous. After this date, Bagle.U stops functioning.

Visible Symptoms 

    

Bagle.U is easy to recognize when it reaches the computer, as the attached file has the following icon:

In addition, Bagle.U opens the Windows game Hearts, if it is installed in the affected computer. This game is usually installed with Windows operating systems.

ARE YOU FACING ANY PC OR INTERNET RELATED PROBLEMS?
FREE SUPPORT INCLUDED. CALL US 24/7

powered by Anytech365