W32/Scribble-A is a polymorphic virus for the Windows platform.

W32/Scribble-A allows a remote attacker to gain access and control over the infected computer through IRC channels.

W32/Scribble-A infects files with the EXE and SCR extensions when they are opened or run.

W32/Scribble-A injects a malicious iframe into files whose extensions start with HTM, PHP or ASP, with affected files detected as Troj/Fujif-Gen. At the time of writing the iframe points to a site that hosts more malware.

The virus also adds a line to the Windows HOSTS file so that redirects this host to the loopback address.

More information can be found at this Sophos page.