Aliases
Worm.Win32.Welchia.f, W32.Welchia.D.Worm
Type
Win32 worm
Description
W32/Nachi-F is a worm which spreads to computers at random IP addresses that are infected with W32/MyDoom-A or are vulnerable to the following Microsoft buffer overflow vulnerabilities: DCOM RPC, WebDAV, IIS5/WEBDAV and Locator Service.
For further information see Microsoft Security Bulletins MS03-026, MS03-007 and MS03-049.
The worm connects to random IP addresses on port 135 or 445 and exploits these buffer-overflow vulnerabilities to execute a small amount code on computers that have not been patched. The buffer overflow code downloads the worm and runs it. The worm allows itself to be downloaded via a random port above 1024.
More: http://www.sophos.com/virusinfo/analyses/w32nachif.html

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic