Home / malware Virus:ALisp/Bursted.BA
First posted on 02 November 2011.
Source: SecurityHomeAliases :
Virus:ALisp/Bursted.BA is also known as ACAD/Bursted (AVG), Trojan.Lisp.Bursted.A (BitDefender), Virus.ALS.Bursted (Ikarus), Virus.Acad.Bursted.a (Kaspersky), ALS/Bursted (McAfee), ALS.Bursted.B (Symantec).
Explanation :
Virus:ALisp/Bursted.BA is a script virus written in AutoLisp for AutoCAD, a computer-aided drafting application. The virus infects other AutoLisp script files with a file extension ".lsp".
Top
Virus:ALisp/Bursted.BA is a script virus written in AutoLisp for AutoCAD, a computer-aided drafting application. The virus infects other AutoLisp script files with a file extension ".lsp".
The malware checks for an AutoCAD installation by searching for the file "base.dcl".
The following files may be created in the user's AutoCAD directory under %AppData%:
- acad.lsp
- acadiso.lsp
The virus undefines the following script commands, which it may attempt to redefine with with other functionality:
- attedit
- xref
- xbind
The virus also defines a new command, named 'burst'.
Analysis by Ray Roberts
Last update 02 November 2011
