VirusWM/CAP.A
Analysis
- Viral consists of ten macros and is infectious
in the Word6/7 environment
- Virus hooks the Word event handler which prevents
the opening, saving or closing of infected documents
- Virus name is derived from one of the macros, which
is named "CAP"
- Virus contains these comments in the main macro
module named "CAP" -
'C.A.P: Un virus social.. y ahora digital..
'"j4cKy Qw3rTy" (jqw3rty@hotmail.com).
'Venezuela, Maracay, Dic 1996.
'P.D. Que haces gochito ? Nunca seras Simon Bolivar.. Bolsa !
Telemetry
Detection Availability
| FortiClient | |
|---|---|
| Extreme | |
| FortiMail | |
| Extreme | |
| FortiSandbox | |
| Extreme | |
| FortiWeb | |
| Extreme | |
| Web Application Firewall | |
| Extreme | |
| FortiIsolator | |
| Extreme | |
| FortiDeceptor | |
| Extreme | |
| FortiEDR |