JS/Feebs.X.fam@mm

Alias/esJS/Feebs.AG [F-Prot], JS/Feebs.BA!tr, JS/Feebs.X [F-Prot], JS/Feebs.X.gen@mm, JS_FEEBS.BA [Trend], W32/Feebs-Fam [Sophos], Worm.Win32.Feebs.gen [KAV]
Release DateMay 12, 2006
Detection Availability
Active DatabaseExtended Database
FortiGatelowhigh
FortiClient
FortiMailN/A
Current Antivirus Definition Database Version: 12.338
Description

Visible Symptoms

Feebs opens a window saying it's trying to connect to a popular mail server (eg. MSN). It will also close some analysis and monitoring programs like those from SysInternals.

Detailed Analysis

This detection is generalized to cover several variants of the Feebs virus family. The general characteristics are that the file arrives to a target system via email as an attachment. The attachment is commonly with a .HTA file extension. If the attachment is opened or run, it could potentiallly spread to others via email based on encrypted JavaScript command instructions.
Description Last Updated Date: Mar 13, 2007
Reference: ID - 146218