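II. Virus Analysis
We will analyze this virus from several angles:
1) Email subject
When a virus spreads by email, it usually picks a fairly "ordinary" subject, so that a careless recipient takes it for a message from a friend. Some are, of course, quite "special", such as "job application". Unlike the first email-borne viruses, most viruses today do not use a single subject line; they carry several and pick one at random for each message they send. As a result, even a user who knows about the virus and is careful when handling mail can still be caught off guard.
When sending mail, W32.Gokar.A@mm picks at random from the following subjects: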
·If I were God and didn't belive in myself would it be blasphemy
·The A-Team VS KnightRider ... who would win ?
·Just one kiss, will make it better. just one kiss, and we will be alright.
·I can't help this longing, comfort me.
·And I miss you most of all, my darling ...
·... When autumn leaves start to fall
·It's dark in here, you can feel it all around. The underground.
·I will always be with you sometimes black sometimes white ...
·.. and there's no need to be scared, you re always on my mind.
·You just take a giant step, one step higher.
·The air will hold you if you try, trust my wings of desire. Glory, Glorified.......
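A close look at the subjects above shows that they really are enticing: some are well-known sayings, some are about sports, and the wording is casual, much like a letter from an ordinary friend. However, because of their native language, most users in our country are likely to be wary of this kind of message, so their chance of being caught is not high.
2) Email body
The body matters as well, because the user has to be enticed into opening the attachment before the virus can infect the machine (some viruses do not need the attachment to be opened, but those are special cases). This virus likewise picks its body text at random from a set of sentences: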
·Happy Birthday
·Yeah ok, so it's not yours it's mine :)
·The horizons lean forward, offering us space to place new steps of change.
·I like this calm, moments before the storm
·Darling, when did you fall..when was it over ?
·Will you meet me .... and we'll fly away ?!
·You should like this, it could have been made for you
·speak to you later
·They say love is blind ... well, the attachment probably proves it.
·Pretty good either way though, isn't it ?
·still cause for a celebration though, check out the details I attached
·This made me laugh
·Got some more stuff to tell you later but I can't stop right now
·so I'll email you later or give you a ring if thats ok ?!
·Speak to you later
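All of these bodies lure the user, directly or indirectly, into opening the attachment. Interestingly, the virus appends the name of the infected mailbox's user to the end of the body of every message, which makes it look more genuine.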
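Because the subject and body are randomized, a filter keyed on a single string misses most copies. The sketch below is an added example, not part of the original analysis: it combines the indicators described in sections 1) and 2) into one score. The function names, the threshold, the addresses and the attachment name are assumptions, and only a subset of the listed strings is included.

```python
import email
import re
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

# Subset of the subject lines and body phrases listed above; a real filter loads all of them.
SUBJECTS = ["The A-Team VS KnightRider ... who would win ?",
            "I can't help this longing, comfort me.",
            "... When autumn leaves start to fall"]
BODY_PHRASES = ["Happy Birthday", "This made me laugh",
                "check out the details I attached"]
THRESHOLD = 3  # assumed cut-off: how many indicators must agree before flagging

def norm(text):
    """Lower-case and collapse whitespace so spacing or header folding cannot defeat matching."""
    return re.sub(r"\s+", " ", text or "").strip().lower()

SUBJECT_SET = {norm(s) for s in SUBJECTS}
PHRASES = [norm(p) for p in BODY_PHRASES]

def score_message(raw):
    """Return the list of indicators found in one raw RFC 5322 message string."""
    msg = email.message_from_string(raw, policy=policy.default)
    hits = []
    if norm(msg["Subject"]) in SUBJECT_SET:
        hits.append("subject")
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part else ""
    if any(p in norm(body) for p in PHRASES):
        hits.append("body-phrase")
    # The sender's name appended as the last line of the body, as described above.
    name, addr = parseaddr(msg["From"] or "")
    signers = {norm(name), norm(addr.split("@")[0])} - {""}
    lines = [l for l in body.splitlines() if l.strip()]
    if lines and norm(lines[-1]) in signers:
        hits.append("sender-signature")
    if any(p.get_filename() for p in msg.iter_attachments()):
        hits.append("attachment")
    return hits

def is_suspect(raw):
    return len(score_message(raw)) >= THRESHOLD

def build_sample(subject, body, sender, attachment=None):
    """Build a constructed test message (not a captured sample)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, "bob@example.com", subject
    m.set_content(body)
    if attachment:
        m.add_attachment(b"placeholder", maintype="application",
                         subtype="octet-stream", filename=attachment)
    return m.as_string()
```

A trailing sender name on its own matches plenty of ordinary mail, which is why the sketch flags a message only when several indicators agree.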