virus logo Virus

W97M/Onex.A

description-logoAnalysis

  • Virus consists of one class macro module, renamed from "ThisDocument" to "Extra"
  • Virus hooks Word event handlers which prevents the closing of infected documents
  • Virus contains these comment lines-

    ' Word 97/2k.Extra - Psyclone X
    ' My first virus for the year 2k

Telemetry logoTelemetry

Detection Availability

FortiClient
Extreme
FortiMail
Extreme
FortiSandbox
Extreme
FortiWeb
Extreme
Web Application Firewall
Extreme
FortiIsolator
Extreme
FortiDeceptor
Extreme
FortiEDR
ID 15043
Released Oct 07, 2002
Description
Updated		 Jul 02, 2003
Platform Profile Microsoft Word 97 macro