Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » SWF/LFM.926

Overview

Threat Risk LOW LOW
Destructivity NONE NONE
Payload
Detection files published 09 Jan 2002 03:00:00
Description created 08 Jan 2002 10:44:00
Description updated 24 Jan 2002 01:59:00
Malware type VIRUS
Alias
Spreading mechanism FILE_INFECTION
Summary None

SWF/LFM.926

Spreading

This virus spreads in the following manner:


When the infected animation file is viewed using the Shockwave Flash player, an embedded script in the file will be executed. This script writes out another script, a so-called debug script, which is directed into the common debug utility DEBUG.EXE. The debug utility now creates and runs a simple program, called V.COM.

This program looks for and infects *.SWF files that it finds in current directory, so that they too become infectious.



Payload Details

We do not consider this particular virus to be a big threat, but it might be a harbinger of things to come. We therefore advise that one is careful with *.SWF files, particularly when received over mail.

Analysis

n/a

Removal

n/a


Last Updated: 12 Nov 2015 11:06:10