Welcome to the Virus Encyclopedia of Panda Security.
It is an exploit that the worm Bagle.AM uses in order to affect computers without users noticing.
|First detected on:||Aug. 9, 2004|
|Detection updated on:||Aug. 9, 2004|
Illwill.A is an exploit that the worm Bagle.AM uses in order to affect computers without users noticing.
Illwill.A reaches the computer in a message with no subject and an attached file with a random name and a ZIP extension. This file contains an HTML file (detected by Panda Security as JS/Illwill.A), together with a hidden EXE file.
This executable file, belonging to Bagle.AM, is automatically run when the user opens the HTML file, thinking that it does not have the typical extension that is bound to contain malware (EXE, COM, BAT, CMD, SCR) and thus can be safely run.
Illwill.A is easy to recognize, as it reaches the computer in an e-mail message with the following characteristics: