This worm is able to work on Chinese versions of Windows only, and spreads itself by sending infected e-mail messages. The virus has two components: a script program and Windows PE .exe file. The first component (script) is sent in infected e-mails, infects the computer, then downloads and executes a .exe. That's the component that completes the infection and spreads the worm copies further.

  • It spreads by attacking IP addresses connected to the Internet obtained at random.
  • It tries to access the compromised IP address by exploiting an existing vulnerability that hasn't been fixed or through an open port. If it does this, it copies itself onto the compromised computer.


  • Email-Worm.Win32.Unicle(Kapersky)
  • WORM_UNICLE.A(Trend Micro)
  • Unicle.B(Panda)

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.