R
R
redskif2015-03-06 10:02:43
Malware
redskif, 2015-03-06 10:02:43

Is it possible to attach a bug and which one to a .doc file?

They sent a letter with an attached .doc file, opened the letter in the browser (mail on mail.ru), the application was also opened in the browser (google chrome browser), and according to the employee in the upper left corner there was some kind of color barcode, which is usually not. After opening the computer began to work extremely slowly and then completely hung up. After the reboot, such a barcode was not observed in the open application.
According to the authorities, the person from whom the letter came may well be under the hood of his superiors, who actively use all sorts of trojans and so on to spy on their employees.
Therefore, a request to those who are in the subject, give their comments, was there anything in this file or not, and by what signs in the letter can now be determined what kind of muck was attached.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
W
William Thorn, 2015-03-06
@xydope

Without the file itself, it is difficult to say something, but, in general, it is possible to attach a script to a Word file.
1. Watch computer traffic (wireshark, etc. or on your Proxy/FW)
2. Check running services/installed applications
3. Install/Update antivirus
4. Lower user rights to the minimum required (user)
5. Search all files on computer that were created during the launch of the application (look for scripts, executable files, library files)
6. Restrict access to the WAN (Minimum access, only necessary)
1. Analyze everything on your own, if you have enough skills (trivially check for the presence of executable scripts, macros, etc.) (on a separate hardware that is not even connected to the network)
2. Send it to the anti-virus lab, unless, of course, it is not there conf. information.

V
Vladimir Martyanov, 2015-03-06
@vilgeforce

Given that a rare user will distinguish file.doc from file.doc.exe, anything could be. There is only one way out - the analysis of that very letter.

3
386DX, 2015-03-06
@386DX

It is possible a macrovirus, for example.
https://ru.wikipedia.org/wiki/%D0%9C%D0%B0%D0%BA%D...

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question