W97M/Eight941.D
Analysis
- Virus exists within the class macro storage
- Virus hooks Word event handler which prevents the
closing of infected files
- On the dates November 10th or July 1st this virus may open all files on drive C: and password protect them with the password "xyz"
Telemetry
Detection Availability
FortiClient | |
---|---|
Extreme | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |