Fandom

Malware Wiki

Davinia

1,321pages on
this wiki
Add New Page
Comments0 Share


Davinia is an email worm that propagates through Microsoft Outlook utilising Microsoft Word 2000. The worm will send an infected email, with a seemingly empty body and subject line, with an embedded script in order to open another site, in order to download and open an infected Microsoft Word document.

This document uses the "Office 2000 UA Control" exploit, in order to disable macro warnings without user confirmation. This allows for the macros to run without raising suspicion. Once the macro is run, it will send itself to all contacts found within Microsoft Outlook's address book.

The macro will drop a VBS file, "littledavinia.vbs" in the Windows directory, adding it to the system registry such that it will run on startup. The script will replace all rewritable files with a HTML file. Upon restart, Windows will not be able to start.

The worm will show the following message upon execution:

Davinia

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.