Avarta – an MS Publisher virus

13 Apr 2006

minute read

Authors

Costin Raiu

The spring seems to be a prolific time for new ideas and proof of concept viruses. However, not all of them are a cause for concern.

For instance, we’ve received a new virus which infects Microsoft Publisher (*.pub) documents. You can find a description of Avarta here.

Due to its crude replication method and obvious payload, Avarta has zero chances of getting in the wild. Three or four years ago, this might have been an innovative piece of malware. But now macroviruses are virtually extinct, making Avarta proof of concept for something that will never become a threat.

Authors

Costin Raiu

Avarta – an MS Publisher virus

Latest Posts

Latest Webinars

Reports

In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.

Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups.

We unveil a Lazarus campaign exploiting security company products and examine its intricate connections with other campaigns

How Kaspersky researchers obtained all stages of the Operation Triangulation campaign targeting iPhones and iPads, including zero-day exploits, validators, TriangleDB implant and additional modules.

Avarta – an MS Publisher virus

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

TOP 10 unattributed APT mysteries

Applied YARA training Q&A

PuzzleMaker attacks with Chrome zero-day exploit chain

Looking at Big Threats Using Code Similarity. Part 1

YARA webinar follow up

A hack in hand is worth two in the bush

QBot banker delivered through business correspondence

Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)

Latest Posts

IT threat evolution in Q3 2023. Mobile statistics

IT threat evolution Q3 2023

IT threat evolution in Q3 2023. Non-mobile statistics

Consumer cyberthreats: predictions for 2024

Latest Webinars

Responding to a data breach: a step-by-step guide

2024 Advanced persistent threat predictions

Overview of modern car compromise techniques and methods of protection

2023 APT Landscape Unveiled: Trends, Challenges, Solutions

Reports

HrServ – Previously unknown web shell used in APT attack

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

A cascade of compromise: unveiling Lazarus’ new campaign

How to catch a wild triangle

Subscribe to our weekly e-mails