SecurityHome.eu Virus:ALisp/Bursted.BK

Home / malware PDF

Virus:ALisp/Bursted.BK

First posted on 08 June 2012.
Source: Microsoft
Aliases :
There are no other names known for Virus:ALisp/Bursted.BK.
Explanation :

Virus:ALisp/Bursted.BA is a script virus written in AutoLisp for AutoCAD, a computer-aided drafting application. The virus infects other AutoLisp script files with file extensions ".lsp" and ".mnl".

The malware checks for AutoCAD installation folders by searching for the file "base.dcl". Typically this file will be present in the folder:

%AppData%\Autodesk\AutoCad <year>\r<version>\enu\support\

The virus copies itself to the above folder using the name: "acadappp.lsp"

It also modifies the file "acad.mnl" in the same folder by appending two lines:

(load Â€Âœacadappp.lspÂ€Â)

(princ)

The virus adds one copy of an infected file named "acad.lsp" to every folder that contains the infected user's drawings.

Analysis by Jakub Kaminski

Last update 08 June 2012

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Virus:ALisp/Bursted.BA
Virus:ALisp/Bursted.A
Virus:ALisp/Bursted.BK
Virus:ALisp/Bursted.BD