WM/Copycap.A
Analysis
- Viral consists of 11 macros and is infectious in
the Word6/7 environment
- Virus hooks the Word event handler which prevents
the opening, saving or closing of infected documents
- Virus name is derived from a similarity found between
this family and another, named WM/Cap
- Virus contains these comments in the main macro
module named "CAP" -
'C.P.A.V: Comp5t4r Po1nt 4nti Viru5.. Bye..Bye..
'"4L13n'5" (eN4nk1Y@http://WWW.Comp5t4r.com/ed.id.).
'Chiepoe that, 14iN, Dic 2000.
'P.D. Aug igal ngisup nad StreSS!!! Alig ul .. taub Suriv Orcam ..!
Telemetry
Detection Availability
FortiClient | |
---|---|
Extreme | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |