<HEAD>
Example 1:
Of the pear
the fish drives calmly
the grass.
.....................................................
Example 2:
>From the chestnut
the pale steaming darkness
and the long mushroom.
.....................................................
I-Worm.Haiku, by Mister Sandman
Did you know
The smallest box may hold
The biggest treasure?
.....................................................
CONTENTS
bridge light sea fish butterfly foghorn day moon
evening spring sunset boat petal blossom stone mist
passage darkness dolphin ant shadow star frost cicada
wind garden orchard chestnut forest leaf sun winter
autumn summer morning tree branch smoke grape rainbow
blackness shade edge snowflake raindrop starling stem
charcoal silence flurry trunk gnat pear strawberry
breeze grass silence worm solstice rain cauliflower
dawn fire splinter cedar skyline mushroom foam roar
child reflected calm distant small shiftin g long
overlooking delicate tiny colorful silent noisy
faint bruised plucked ripening swollen dark new old
brittle steaming decaying single wet bare bright cold
heavy purplish fleeting smooth pale imprisoned
lightning frozen cupped dewy shriveled fiery hunkered
stirring chattering misshapen taut matted visible wild
surprising sudden trembling twisting perfect flashing
frosted solemn rising lost loved this that these those
of to with from in on sl owly calmly soon suddenly
eagerly afterward slightly toward no w the a and or
share shared s stop stopped s recall recalled s drive
drove s chase chased s contain contained s return
returned s rise rose s ripple rippled s move moved s
fall fell s hang hung s miss missed es catch caught es
start started s tousle tousled s pass passed es pluck
plucked s blind blinded s crush crushed es awake awoke
s rattle rattled s pierce pierced s
</HEAD>
<BODY>
The Haiku worm usually arrives as a HAIKU.EXE file
attached to an e-mail message. The message looks like
it was forwarded from the original recepient with the
subject 'Fw: Compose your own haikus'. The message
body advertises the attached file as a Haiku (oriental
poetry style) generator which it actually is. But
along with Haiku generation routine the file contains
worm code. The message the worm spreads itself with
looks like that:
:))
----- Original Message -----
>"Old pond...
> a frog leaps in
> water's sound."
>- Matsuo Basho.
>
>DO YOU WANT TO COMPOSE YOUR OWN HAIKUS?
>
>Haiku is a small poetry with oriental metric that
appeared in the XVI century and is being very popular,
mainly in Japan and the USA.
>
>It's done to trascend the limitation imposed by the
usual language and the linear/scientific thinking that
treat the nature and the human being as a machine.
>
>It usually has 3 lines and 17 syllables distributed
in 5, 7 and 5. It must register or indicate a moment,
sensation, impression or drama of a specific fact of
nature. It's almost like a photo of some specific
moment of nature.
>
>More than inspiration, what you need in order to
compose a real haiku is meditation, effort and
perception.
>
>DO YOU WANT TO COMPOSE YOUR OWN HAIKUS?
>
>Now you can! it is very easy to get started in this
old poetry art. Attached to this e-mail you will find
a copy of a simple haiku generator. It will help you
in order to understand the basics of the metric, rhyme
and subjects which should be used when composing a
real haiku... just check it out! it's freeware and you
can use and spread it as long as you want!
When the worm is run it first installs itself as
HAIKUG.EXE into root Windows directory and modifies
WIN.INI to be run during all further Windows sessions.
After that the worm displays a messagebox with a
randomly generated Haiku:
Example 1 [ABOVE;HEAD]
Example 2 [ABOVE;HEAD]
F-Secure Virus Descriptions
NAME: Haiku
ALIAS: I-Worm.Haiku,
W95.Haiku.16384.worm
After system restart the worm gets control, checks if
Internet connection is available and starts to look
for e-mail addresses by scanning DOC, EML, HTM, HTML,
RTF and TXT files. After the suitable e-mail address
is
found, the worm decrypts its internal message text,
connects to a remote SMTP server that allows sending
anonymous e-mail and sends its body MIME-encoded with
the decrypted message to a found e-mail address. Then
the worm displays its copyright messagebox:
>From time to time the worm connects to a free web
hosting provider Xoom and gets a WAV file from one of
user accounts. The worm writes the downloaded file as
C:\HAIKU.WAV, plays it and deletes it afterwards. The
WAV file has a copyright string of Sandman:
0 00 00 (
E 66 6D (c) Mister Sandm
0 74 20 an, 2-2000 fmt
E 0 00 > [HAPPY FACE] [HAPPY FACE]v C.
0 04 01 [HAPPY FACE] etc.
The generator of Haiku poetry uses the internal table
of words and endings and creates poetry strictly
according to Haiku style rules. Here are the table's
contents:
[CONTENTS IN HEAD]
[Analysis: Alexey Podrezov, F-Secure]
<SRC="http://www.datafellows.com/v-descs/haiku.shtml">
<BODY>