TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
W97M_DLOADER.BVS
Also known as: CME-476
Overview
Solution

Malware type: Macro

Aliases: No Alias Found

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 Medium

Distribution potential:

 Low

Infection Channel 1 : Spammed via email

Description: 

To get a one-glance comprehensive view of the behavior of this macro virus, refer to the Behavior Diagram shown below.

W97M_DLOADER.BVS Behavior Diagram

Malware Overview

This macro virus usually arrives as a Microsoft Word document file dropped by other malware applications or as a file unknowingly downloaded by a user when visiting malicious Web sites. It may also arrive as a .ZIP archived attachment of a manually mass-mailed email message. The attached .ZIP file contains the malicious file, MY_NOTEBOOK.DOC.

Once the said .DOC file is opened, it executes a hardcoded macro virus that drops a malicious .EXE file detected by Trend Micro as TROJ_DLOADER.BVS. The said Trojan is used to download other malicious files on the affected system.

For additional information about this threat, see:
Solution
Technical Details

Description created: Jun. 28, 2006 4:40:16 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.