It looks like this one spreads via VNC but may have other methods.
I look forward to your analysis.
/applications/core/interface/file/attachment.php?id=1336" data-fileid="1336" rel="">VNC_Worm_1_14_2007.zip
Thanks,
-GT