Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » W32/HLLC.Sash.A

Overview

Threat Risk LOW LOW
Destructivity NONE NONE
Payload
Detection files published 13 Mar 2002 03:00:00
Description created 11 Mar 2002 03:00:00
Description updated 14 Mar 2002 02:37:00
Malware type VIRUS
Alias
Spreading mechanism FILE_INFECTION
Summary None

W32/HLLC.Sash.A

Spreading

The infection method is a so-called companion type infection. The original host file is renamed to *.EX_, and a copy of the virus takes its place. F.ex. the original NOTEPAD.EXE is renamed to NOTEPAD.EX_, while the virus calls itself NOTEPAD.EXE.

When an infected file is run, a small message box will appear.

(Image not available)

Payload Details

This is a very low risk virus with almost no chance of spreading in the wild.

Analysis

n/a

Removal

n/a


Last Updated: 12 Nov 2015 11:06:14