F-Secure
Tools
Exploit:W32/MSWord6.Gen
Summary
The Generic Detection Exploit.msword.gen.6 identifies a Microsoft Word document that has been modified to perform an unauthorized, malicious action.
Disinfection
Allow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
Additional Details
Execution
Upon execution, the malware creates malicious executables in the following directories on the infected system:
The malware also attempts to connect to the following remote sites:
Upon execution, the malware creates malicious executables in the following directories on the infected system:
- %temp%\[random].exe
- %windir%\system32\[name].exe
- yahoo.onedumb.com
- yahoo.servebbs.com
- 218.23.30.99
- 218.20.188.170
- googleupdate2011.dyndns.org