Class Trojan
Platform BAT

Technical Details

This is a silly BAT Trojan that affects all files on C:, A:, B: and D: drives (exactly in that sequence). To delete the files, the Trojan uses a “DELTREE /Y” DOS command. The Trojan then also deletes SIMPSONS.* on the same drives
(but there are no files on drives after DELTREE command).

The Trojan was distributed as a self-extracting WinZip package that upon being run, displays a standard WinZip message, extracts the Trojan and spawns it. There
were reports about the Trojan being found “in-the-wild”.

Find out the statistics of the threats spreading in your region