BadAss is a worm that spreads itself via Microsoft Outlook e-mail
client. The worm file is 24576 bytes long Windows EXE application
written in Visual Basic. It seems to be based on Melissa worm
source code - functions and sequence of commands in the BadAss
code are very close to those in Melissa source code.
The worm spreads itself as a binary attachment to e-mail messages
that it sends from infected system. The original attachment name
is BADASS.EXE, but it is possible to rename the EXE file
manually, and then it will spread itself with a new name.
When the worm file is run from infected message attachment, the
worm gets control and starts its main routine. This routine
displays message box and acts similar to Joke.Win.Stupid joke
program. The text in the messagebox will not be shown here as it
is not suitable for all audiences.
After that the worm runs its infection routine that opens the
Outlook database, gets email addresses from AddressBook and sends
infected messages to all the addresses found. The subject of
infected messages contains the text 'Moguh..' and the message
text is 'Dit is wel grappig! :-)' ('This is funny!' - in Dutch).
The worm does not send messages twice from the same computer. To
avoid duplicate spreading the worm creates a special key in
Windows Registry.
![](/images/pixel.gif"){kind=tracking}
