VirusMichelangelo.A
Analysis
- Viral body is 512 bytes
- Virus infects the MBR and floppy boot records
- When virus loads from MBR, it remains memory resident
then infects .COM files when accessed
- If infected floppy is in pc upon boot, virus code
may be transferred to system MBR and become memory
resident at next system boot
- Unless a floppy is write-protected, it becomes
infected when accessed from an infected pc
- Virus may attempt to overwrite the first 8Mb of data on the hard drive during boot time on March 6th
Telemetry
Detection Availability
| FortiClient | |
|---|---|
| Extreme | |
| FortiMail | |
| Extreme | |
| FortiSandbox | |
| Extreme | |
| FortiWeb | |
| Extreme | |
| Web Application Firewall | |
| Extreme | |
| FortiIsolator | |
| Extreme | |
| FortiDeceptor | |
| Extreme | |
| FortiEDR |