| Description |
Technical Details
This is an Excel macro virus. The only module (macro) in this virus is named
“Exec”, it contains three subroutines: Auto_Open, DipDing, PayLoad and one
function: SheetExists. Auto_Open routine is auto one, it is called by Excel
on opening any file. On this call the virus infects PERSONAL.XLS. In case
of any error, the virus infects all active books (files). Before returning the
Auto_Open macro sets the DipDing subroutine as a timer handler that is
called starting from 4:00pm. This subroutine infects all opened books.
The virus writes the string “Yohimbe” to the sheet header. The virus also
sets PayLoad subroutine as called starting from 4:45pm. This routine
re-sizes active sheet, draws a picture and inserts the text “FUCK YOU
BUDDY” into the sheet.
|
English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
