Fortiguard

VBS/Netlog.A

Analysis

Virus is coded in VBScript and is 2429 bytes
Virus loads at Windows startup
Virus scans a range of IP addresses and attempts to map the host to the target IP address as drive J:, then attempts to copy itself to available drives in the following folders -
windows\
windows\startm~1\programs\startup\
windows\start menu\programs\startup\
win95\startm~1\programs\startup\
win95\start menu\programs\startup\
wind95\
Virus writes a log file as "c:\network.log"

ID	15562
Released	Sep 30, 2002
Description Updated	Jul 03, 2003

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiGate

FortiClient

FortiSandBox

FortiMail

FortiADC

FortiWeb

FortiCNP

FortiNDR

FortiDeceptor

FortiEDR

FortiAnalyzer

FortiTester

Threat Profile

Threat Encyclopedia

VBS/Netlog.A

Analysis

Telemetry

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiGate

FortiClient

FortiSandBox

FortiMail

FortiADC

FortiWeb

FortiCNP

FortiNDR

FortiDeceptor

FortiEDR

FortiAnalyzer

FortiTester

Threat Intelligence Center

Resource Center

About

About FortiGuard Labs

Partners

Threat Profile

Threat Encyclopedia

VBS/Netlog.A

Analysis

Telemetry

Threat Intelligence
Center