Win32.Maldal.A


Jason
12-29-2001, 12:28 PM
Win32.Maldal.A is an Internet worm that is spreading by sending itself to everyone in the infected user's Microsoft Outlook address book, as well as through Microsoft MSN Messenger.

If executed, the worm copies itself, usually in the \windows\ directory under the filename "christmas.exe".

This worm will also add the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Zacker ="C:\\WINDOWS\\christmas.exe" on the system, which contains instructions to make sure that it gets executed each time a user restarts their computer.

Then, it changes the site location of Microsoft Internet Explorer home page. To achieve this, it modifies the following registry key:
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\Start Page = "http://geocities.com/job***e/Za*ker.htm"
(some characters have been replaced with an "*")

Additionally, it changes the computer name to Zacker and attempts to corrupt the PC keyboard.

Copy of message:
Subject :
Happy New Year

Message body :
Hii
I can't describe my feelings
But all I can say is
Happy New Year :)
bye

Attached file :
Christmas.exe

It will display the following holiday graphic:
http://www24.brinkster.com/allineed/antivirus/image/Maldalpic.gif

Source:
http://www24.brinkster.com/allineed/antivirus/Win32Maldal.html
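
The registry changes listed in the post above can be checked offline against a text export of the registry. The following is an added example, not part of the original post or of any vendor tool: a small scanner for `.reg` export text that flags the Run entry and the home-page change. It assumes each "*" in the masked URL hides exactly one character and that the export has already been decoded to text; the sample export is constructed.

```python
import re

# Indicators from the post above. Assumptions (not stated in the post): each "*"
# in the masked URL hides one character; the export is already decoded to str.
RUN_KEY = r"hkey_local_machine\software\microsoft\windows\currentversion\run"
IE_KEY = r"hkey_users\.default\software\microsoft\internet explorer\main"
MASKED_URL = "http://geocities.com/job***e/Za*ker.htm"
URL_RE = re.compile(".".join(map(re.escape, MASKED_URL.split("*"))), re.I)
EXE_RE = re.compile(r"(?:^|[\\/])christmas\.exe\b", re.I)
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def unescape(s):
    # .reg exports store "\" as "\\" and '"' as '\"'
    return re.sub(r"\\(.)", r"\1", s)

def scan_reg_export(text):
    """Return (indicator, value_name, data) for each matching string value."""
    findings, key = [], ""
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()      # section header = registry key path
            continue
        m = VALUE_RE.match(line)
        if not m:
            continue                      # skips dword/hex values and blanks
        name, data = unescape(m.group(1)), unescape(m.group(2))
        if key == RUN_KEY and (name.lower() == "zacker" or EXE_RE.search(data)):
            findings.append(("autorun", name, data))
        elif key == IE_KEY and name.lower() == "start page" and URL_RE.fullmatch(data):
            findings.append(("homepage", name, data))
    return findings

# Constructed sample export (not captured from an infected machine).
SAMPLE = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe"
"Zacker"="C:\\WINDOWS\\christmas.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://geocities.com/job***e/Za*ker.htm"
'''

if __name__ == "__main__":
    for finding in scan_reg_export(SAMPLE):
        print(finding)
```

The Run check matches on either the value name or the executable name, so an entry that keeps christmas.exe under a different value name is still reported.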

fredricknish
12-29-2001, 12:31 PM
Thanks for the info, Jason. You can learn more about it at
http://www.htmlforums.com/showthread.php?threadid=9709&highlight=christmas.exe :D

Jason
12-29-2001, 12:34 PM
Looks like I've been a day late and a dollar short with my posts. Well, if there's any new info it's that the threat was just upgraded from low to medium.

Anyway, as always, don't open any strange attachments!