Troj_embed.aa


 
03-24-2008

To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

[Image: Behavior Diagram]

Malware Overview

This is Trend Micro's detection for a specially crafted .DOC file that exploits the Microsoft Jet Database Engine vulnerability.
It usually arrives as an attachment to email messages spammed by another malware or a malicious user.
The said vulnerability allows a malicious .DOC file to drop and execute an embedded executable file. As a result, routines of the dropped backdoor are also exhibited on the affected system.
More information can be found in the following link:

Note that this detection is a zero-day exploit because it attacks a software vulnerability for which the vendor has not released a patch. This may pose a dangerous situation in which a lot of computers may be affected, due to the availability of the exploit code and the fact that there is no available patch for the vulnerability.


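The advisory describes a .DOC attachment that carries an embedded executable. As an added triage example (not part of the original advisory and not Trend Micro's detection logic), the following scans a document's bytes for plausible Windows PE images. It assumes the payload is stored unencoded inside the file, which the advisory does not state; the function names and the sample bytes are constructed for illustration.

```python
import struct

# OLE2 compound file signature, the container format of legacy .DOC files.
OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")
MACHINES = {0x014C: "i386", 0x8664: "x86-64"}
IMAGE_FILE_DLL = 0x2000

def _parse_pe(data, base):
    """Validate a candidate 'MZ' at base; return (offset, machine, is_dll) or None."""
    if base + 0x40 > len(data):
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, base + 0x3C)
    pe = base + e_lfanew
    # Heuristic bounds: the PE header follows the 64-byte DOS header closely.
    if not 0x40 <= e_lfanew <= 0x1000 or pe + 24 > len(data):
        return None
    if data[pe:pe + 4] != b"PE\0\0":
        return None
    machine, nsections = struct.unpack_from("<HH", data, pe + 4)
    (characteristics,) = struct.unpack_from("<H", data, pe + 22)
    if machine not in MACHINES or not 1 <= nsections <= 96:
        return None
    return (base, MACHINES[machine], bool(characteristics & IMAGE_FILE_DLL))

def find_embedded_pe(data):
    """Return every plausible PE image found anywhere in data."""
    hits, pos = [], data.find(b"MZ")
    while pos != -1:
        hit = _parse_pe(data, pos)
        if hit:
            hits.append(hit)
        pos = data.find(b"MZ", pos + 1)
    return hits

def triage_document(data):
    """Summarise whether data looks like an OLE2 document carrying a PE image."""
    return {"is_ole": data.startswith(OLE_MAGIC),
            "embedded_pe": find_embedded_pe(data)}

def build_sample():
    """Constructed sample: OLE2 magic, padding, a decoy 'MZ', and a minimal PE header."""
    dos = bytearray(0x80)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)  # e_lfanew points just past the stub
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x014C, 3, 0, 0, 0, 0xE0, 0x0102)
    return OLE_MAGIC + b"\0" * 504 + b"text with MZ decoy " + bytes(dos) + coff + b"\0" * 64

if __name__ == "__main__":
    print(triage_document(build_sample()))
```

A hit is only a reason to quarantine and inspect the attachment further; an encoded or compressed payload would not be found by this scan.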