Sober@mm is a mass-mailing worm that uses its own SMTP engine to spread itself. The email will have a variable subject in either English or German. The name of the email attachment will vary and have a .bat, .com, .exe, .pif, or .scr file extension.
This threat is written in the Microsoft Visual Basic programming language and is compressed with UPX.
Note: Virus definitions dated October 24, 2003 revision 20 and greater will detect this threat.
Also Known As: W32/Sober@MM [McAfee], I-Worm.Sober [Kaspersky]
Type: Worm
Infection Length: 63,488 bytes, varies
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Systems Not Affected: DOS, Linux, Macintosh, OS/2, UNIX
Wild:
Number of infections: 0 - 49
Number of sites: 0 - 2
Geographical distribution: Low
Threat containment: Easy
Removal: Moderate
Threat Metrics
Distribution
Subject of email: Variable with English or German subject.
Name of attachment: Variable with a .bat, .com, .exe, .pif, or .scr file extension.
Read more: http://securityresponse.symantec.com/av ... er@mm.html