W32.Beagle.J@mm is a mass-mailing worm that opens a backdoor on TCP port 2745 and uses its own SMTP engine to spread through email. In doing so, it sends the attacker the port on which the backdoor listens, as well as the IP address. It also attempts to spread through file-sharing networks, such as Kazaa and iMesh, by dropping itself into the folders that contain "shar" in their names.
An email potentially containing the worm has the following characteristics:
From: Spoofed to appear as though it is coming from one of the following addresses at the recipient's domain:
management
administration
staff
noreply
support
Attachment: A randomly named .exe file, inside a .zip file, or a .pif file.
The zip file will be password-protected.
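A mail-filter check for the characteristics listed above, as an added example that is not part of the original post. The function names, the indicator labels and the example.com addresses are hypothetical, and the sample message is constructed with a harmless placeholder file.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Sender local parts taken from the description above.
SPOOFED_LOCAL_PARTS = {"management", "administration", "staff", "noreply", "support"}

def zip_is_encrypted_exe(data):
    """True if the archive lists a password-protected .exe member."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(i.flag_bits & 0x1 and i.filename.lower().endswith(".exe")
                       for i in zf.infolist())
    except zipfile.BadZipFile:
        return False

def beagle_j_indicators(raw, recipient_domain):
    """Return the matching characteristics (hypothetical labels) for one raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    addr = parseaddr(str(msg.get("From", "")))[1].lower()
    local, _, domain = addr.partition("@")
    if local in SPOOFED_LOCAL_PARTS and domain == recipient_domain.lower():
        hits.append("spoofed-sender")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        body = part.get_payload(decode=True) or b""
        if name.endswith(".pif"):
            hits.append("pif-attachment")
        elif name.endswith(".zip") and zip_is_encrypted_exe(body):
            hits.append("encrypted-zip-exe")
    return hits

def build_sample(sender, encrypted):
    """Constructed test message: a zip holding a harmless placeholder 'exe'."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("qwrtyu.exe", b"placeholder, not a program")
    data = bytearray(buf.getvalue())
    if encrypted:
        # Set the "encrypted" flag bit in the central directory entry,
        # which is the copy of the flags that zipfile reads.
        data[data.rfind(b"PK\x01\x02") + 8] |= 0x1
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, "alice@example.com", "constructed sample"
    msg.set_content("constructed body")
    msg.add_attachment(bytes(data), maintype="application", subtype="zip", filename="doc.zip")
    return msg.as_bytes()
```

The spoofed-sender match alone also hits legitimate internal mail from those addresses, so treat it as a signal to combine with an attachment hit rather than a verdict.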