Beater is an email worm coded by DiA.

When the worm arrives, it comes in a German-language email. The subject line and message body will be a moderately enticing request to look at some pictures and weblinks. The attachment is named "Hot Lebian Picture Set.exe".

When executed, Beater displays an error message saying it can't find a specific file. The worm copies itself to the system folder as btr.exe. The worm modifies a registry key to ensure it runs every time Outlook or the Task Manager is run.

Beater gets a list of email addresses in the Outlook address book. It uses MAPI to send itself to all these addresses.

Sources

Sophos Antivirus, W32/Bater-A.

Trend Micro Antivirus, WORM_BATER.A.