Welcome to the Virus Encyclopedia of Panda Security.
It drops the Trojan Downloader.JIH in the affected computer. It uses the vulnerability in Microsoft Word MS01-034 to be automatically run just by viewing the document that contains it.
|First detected on:||June 28, 2006|
|Detection updated on:||Oct. 18, 2006|
Kukudro.A is a macro virus that drops the Trojan detected as Downloader.JIH in the affected computer.
In order to do so, it uses a vulnerability in Microsoft Word, addressed in the security bulletin MS01-034. By exploiting this vulnerability, the macro security warning (which Word displays when a document containing macros is about to be opened) is not displayed, and therefore Kukudro.A is automatically run just by viewing the document.
Kukudro.A does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the computer. It has been reported that Kukudro.A has been massively sent via email, in a message that includes an attachment that consists in a Word document.
Kukudro.A is easy to recognize once it has affected the computer, as the Word document called MY_NOTEBOOK.DOC in which it reaches the computer has the following appearance: