The infected messages typically have a blank subject line, body text saying 'new price', and malicious file attachments such as '09_price.zip', 'price_new.zip', and 'price2.zip'. The attached ZIP files commonly contain a malicious file called price.exe, containing various variants of the Bagle Trojan.
The malware aims to switch off several security applications, with the ultimate goal of turning the machine into a botnet zombie. The Trojan also tries to download more code from the Internet. Spam technology is being used for distribution, in an attempt to maximise infection rates as soon as possible.