Pages in the Historical section of this site are provided for historical purposes, they are no longer maintained. Links may not work.

The CERT Coordination Center publishes incident notes to provide information about incidents to the Internet community.

W32/Mimail Virus

Release Date: August 2, 2003

Overview

On Friday, August 1st 2003 the CERT Coordination Center began to receive an increased number of reports of a new mass mailing virus, now referred to as W32/Mimail, spreading on the Internet.

Description

The W32/Mimail virus is a malicious file attachment containing a specially crafted MHTML file named 'message.html'. This file is delivered inside of a .ZIP archive file named 'message.zip'. Viewing the 'message.html' file on a vulnerable system will cause the malicious code to be installed and executed. The malicious code is a mass-mailer.

The email message may look like the following:

  • No labels


Pages in the Historical section of this site are provided for historical purposes, they are no longer maintained. Links may not work.