VirusW97M/Eight941.E
Analysis
- Virus exists within the class macro storage
- Virus hooks Word event handler which prevents the
closing of infected files
- This variant contains the same code as W97M/Eight941.D except the date activation routine does not open or password protect all files on drive C:
Telemetry
Detection Availability
| FortiClient | |
|---|---|
| Extreme | |
| FortiMail | |
| Extreme | |
| FortiSandbox | |
| Extreme | |
| FortiWeb | |
| Extreme | |
| Web Application Firewall | |
| Extreme | |
| FortiIsolator | |
| Extreme | |
| FortiDeceptor | |
| Extreme | |
| FortiEDR |