W97M/Pecas.B
Analysis
- Virus consists of one macro module within the class
storage which is renamed from "ThisDocument"
to "Pecas"
- Virus hooks Word event handler which prevents the
closing of infected documents
- Virus contains these comment lines in the beginning
of the virus code-
'by morris "vegueta"
'pequitas es mi novia
'mi viejo amigo " goto"
'dedicado para ti pequitas
Telemetry
Detection Availability
FortiClient | |
---|---|
Extreme | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |