Aliases: Win32.HLLW.Osapex
Variants: Win32.HLLW.Ramada.34816, Win32:Osapex-B, Win32.HLLW.Osapex.b, Win32.HLLW.Osapex.B, W32/Osapex.c.worm

Classification: Malware
Category: Computer Virus

Status: Dormant
Spreading: Slow
Geographical info: Europe, North and South America, and some parts of Asia and Australia
Removal: Easy
Platform: W32
Discovered: 02 Oct 2002
Damage: Low

Characteristics: W32.Osapex is a virus that copies itself from to and fro from drives “A” and “C.” It uses the name that constitutes a “Vga32.exe” infected file. Reports also say that the virus has no harmful payload. It attacks Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT and Windows XP Operating System platforms. Registry keys are also modified so that the worm will start every time the window starts. It continuously browses in “A” drive for any “.doc” files in “Misdoc 1" folder.

More details about W32.Osapex

If it’s successful, it adds an “.exe” extension to all the files and copies itself saved on “A” drive. This worm copies itself with the hidden and system files. Thisfills up your computer with malicious, damaging and insignificant. As it reproduces, it takes up space. The space becomes unusable when the memory space is lessened.

There were speculations that the W32.Osapex program may be acquired when it is directly downloaded from unsolicited sites on the Internet. Some claimed that this malware may be bundled with other malicious programs using its functions to support their routines. It was believed that this malware is possibly bundled with a backdoor or RAT malware variant. It was speculated that this malware's true purpose is to steal information, such as username and password, credit card numbers and PINs, emails, documents, and other private information. According to security program developers, the malware may be capable of installing itself into the machine without the user's permission.