This Bagle-related downloader appeared on September 19th, 2005.
This particular downloader is fetched from one of websites by
another Bagle downloader (that appeared yesterday), however it is
not similar to it.
This particular downloader tries do download a single file from
the 'keysi.ru' website. The downloaded file is detected as
'Email-Worm.Win32.Bagle.cz'. The description of this file is
here:
http://www.f-secure.com/v-descs/bagle_cz.shtml
The downloader can also listen on port 1084.
F-Secure Anti-Virus detects this malware starting from the
following update:
[FSAV_Database_Version]
Version=2005-09-19_05
Writeup:
Alexey Podrezov, September 20th, 2005;
F-Secure Corporation
