Based on initial analysis, WORM_ MEYLME.B is delivered via Spam message with a malicious link that redirects to malware with a .PDF or .SCR extenstion. Some of the spam messages contain a .PDF, .ZIP or .SCR attachment. The detected malware uses BS_MEYLME.B to search for all network shares to drop a copy of the worm in certain folders located in specific drives C to H.
Below are the details of the malicious email:
Subject: Here you have
This is The Document I told you about,you can find it Here. hxxp://<standard
Please check it and reply as soon as possible.
The malicious URL has been taken down by the hosting company and the link has been added to the WRS block lists. Products running ERS/WRS can block the malware.
The latest Smart Scan Pattern (iCRC) 10504.015.00 is now available to the products running on Smart Scan. The official Pattern Release (OPR) 7.449.00 is also available via Activeupdate. Trend Micro products configured with Automatic Update can download it. For proper protection, make sure that the Trend Micro anti-virus software is up and running.
Customers with infected machines are advised to run a scan using the latest Pattern. To avoid re-infection, change the passwords for the following applications:
- Internet Explorer
For immediate assistance, contact Trend Micro Technical Support.