W32/Wowlook is a mass mailing worm. The worm will infect Windows systems and spreads through email.

The "Subject" of the infected mail will be;

That souds best for us.
Chinese test missile obliterates satellite!
Hi,I just get some imformation of the Blizzard Entertainment,pls kindly check in the attachment.

The "Body" of the infected mail will be;

China last month successfully used a missile to destroy an orbiting satellite, U.S. government officials told CNN on Thursday, in a test that could undermine relations with the West and pose a threat to satellites important to the U.S. military.
According to a spokesman for the National Security Council, the ground-based, medium-range ballistic missile knocked an old Chinese weather satellite from its orbit about 537 miles above Earth. The missile carried a "kill vehicle" and destroyed the satellite by ramming it.
The test took place on January 11. (Watch why the U.S. has protested the missile strike )
Aviation Week and Space Technology first reported the test: "Details emerging from space sources indicate that the Chinese Feng Yun 1C (FY-1C) polar orbit weather satellite launched in 1999 was attacked by an asat (anti-satellite) system launched from or near the Xichang Space Center."
A U.S. official, who would not agree to be identified, said the event was the first successful test of the missile after three failures...
The detail news is here: http://edition.cnn.com/2007/TECH/space/01/18/china.missile/index.html.
Watch the video to get more information! To watch the missile video, please install the CNN video plus version 9, click the attachment to install.
Copyright 2007 CNN. All rights reserved.
This material may not be published, broadcast, rewritten, or redistributed. Associated Press contributed to this report

The name of the infected "Attachment" will be;

SetupV9.zip

Upon execution, the worm creates SetupV9.exe and Srvpl0.dll files in the Windows System folder.

The worm modifies registry at the following location to load itself during each startup;

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

The worm hooks the application wow.exe which is associated with World of Warcraft. It steals account information associated with the program. It then logs the stolen information in the file KBOutLook.log created in Windows System folder.

The worm gathers all the email addresses from the Windows Address Book and Outlook Express. These emails addresses are also stored in the KBOutLook.log file.

The data gathered from the infected system is sent to http://www.game4enjoy.net/Data[Removed].

It also creates srv_(Thread ID of threat)_.log file in the Windows System folder to log errors.

This worm first appeared on March 05, 2007.

 Other names of W32/Wowlook Worm:

This Worm is also known as W32.Wowlook@mm.