Summary

This variant of Email-Worm:VBS/Loveletter is distributed as an infectious e-mail file attachment.

Additional Details

VBS/LoveLetter.E spreads itself in a message which looks like this:

Subject: Mothers Day Order Confirmation Body: We have proceeded to charge your credit card for the amount of $326.92 for the mothers day diamond special. We have attached a detailed invoice to this email. Please print out the attachment and keep it in a safe place.Thanks Again and Have a Happy Mothers Day! mothersday@subdimension.com Attachment: mothersday.vbs


In addition, this variant deletes all files with the extensions ".ini" and ".bat" instead of ".jpg" and ".jpeg".

This variant does not attempt to download the "WIN-BUGSFIX.exe" from the Internet, though it modifies the Internet Explorer start page.

[Analysis: Katrin Tocheva, Mikko Hypponen, Alexey Podrezov and Sami Rautiainen, F-Secure]