ACM_PASDOC.JNP

 Analysis by: Rhena Inocencio

 PLATFORM:

Windows 2000, Windows XP, Windows Server 2003

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:

  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW


This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  TECHNICAL DETAILS

File Size:

1,766 bytes

File Type:

LSP

Initial Samples Received Date:

27 Jan 2012

Arrival Details

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

NOTES:
This is the Trend Micro detection for a specially crafted AutoCAD LISP script file. Upon execution, this AutoCAD macro file searches for the file BASE.DCL in the AutoCAD path. It then searches for the file ACADDOC.LSP in the same folder. If found, it then replaces the contents of the file ACADDOC.LSP with its content.