Parent class: Malware
Malicious tools are malicious programs designed to automatically create viruses, worms, or Trojans, conduct DoS attacks on remote servers, hack other computers, etc. Unlike viruses, worms, and Trojans, malware in this subclass does not present a direct threat to the computer it runs on, and the program’s malicious payload is only delivered on the direct order of the user.Read more
Class: VirTool
VirTool programs can be used to modify other malicious programs so that they cannot be detected by antivirus software.Read more
Platform: MSWord
Microsoft Word (MS Word) is a popular word processor and part of Microsoft Office. Microsoft Word files have a .doc or .docx extension.Description
Technical Details
This is a utility to insert executable binary files to Word macros. This utility itself is a template with only one AutoOpen macro inside. When run, this macro creates the new document WWVIRUS.DOC in the newly created C:VIRUDEMO directory, creates the VirExeData in this document, gets a EXE file, converts it to text data by using a filter, then puts this data into VirExeData macro. Then this document is able to convert the text data back to EXE file and execute it. As a result, the new document is an EXE file dropper.
The tool comments each operation with MessageBoxes. The first MessageBox contains the following text:
This installation will make 4 items 1)A directory C:VIRUDEMO 2)Macro VIRAUTOOPEN in the Global template 3)Macro VIREXEDATA in the Global template 4)An initial virus document WWVIRUS.DOC Whenever asked you must SAVE them.
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com