...BLOCKED}4.94.88/~denirulz/2/2.exeIt then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system.Trend Micro detects the dowloaded file as: WORM_VB.MAF
...from a personal contact. What is noteworthy in this spam run is that the mail attachment is disguised as a 'virus killer' and is supposed to counter the virus W32.HEULAR. This executable file is currently detected as WORM_VB.GAW.
...critical update from Microsoft, the spam sample also comes with an attached executable file that claims to be the update patch and bug fixes for Windows XP Service Pack 2 and 3. The executable file has a detection name of WORM_VB.GAW
Description:File infectors infect executable files, usually Windows portable executables. They infect by incorporating their malicious code into executable files such that when the infected file is opened, the malicious code is also executed. File infectors may come with other capabilities.