This Trojan is designed to install other Trojan programs to the victim machine without the knowledge or consent of the user. The Trojan itself is a Windows PE EXE file approximately 10KB in size. Some variants of this Trojan may differ significantly in size.

This Trojan downloads files via the Internet without the user’s knowledge or consent.

It is a Windows PE EXE file. It is written in Visual C++. It is packed using UPX. The file is 13,824 bytes in size. The unpacked file is approximately 46KB in size.

This Trojan downloads files via the Internet without the user’s knowledge or consent.

It is a Windows PE EXE file. It is not packed in any way. The file is 3,584 bytes in size.

This Trojan downloads files via the Internet without the user’s knowledge or consent.

It is a Windows PE EXE file. It is not packed in any way. The file is 3584 bytes in size.

Details
Galt.1574

It is a harmless memory resident parasitic stealth virus. It traces and hooks INT 21h and then writes itself to the end of COM and EXE files that are accessed. The virus contains the text strings:
22/07/95
John Galt - RT Fishel

This Trojan downloads software via the Internet without the knowledge or consent of the user.

The program itself is a Windows PE EXE file. It is written in C++. The size of infected files may vary slightly, from 62KB to 77KB.

Installation

Once launched, the Trojan registers itself in the…

This Trojan uses spoofing technology. It is a fake HTML page. It is designed to steal confidential information from Citibank clients.

The Trojan arrives in the guise of an important email from Citibank.

The email contains a link which exploits the Frame Spoof vulnerability in Internet…

This Trojan program downloads other programs from the Internet and installs them without the user’s knowledge or consent.

The program itself is a Windows PE EXE file 16896 bytes in size. It is packed using UPX. The unpacked file is approximately 45KB in size. It is written in…

Details
Gallery.631

It is a harmless memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM files that are executed. The virus does not manifest itself in any way, it contains the text string:
Art Gallery++

This Trojan program downloads other programs from the Internet and installs them without the user’s knowledge or consent.

This Trojan is a Windows DLL file. It is written in C++. The file size may vary.
The Trojan will also attempt to connect to the Internet.

This Trojan is designed to install other Trojan programs to the victim machine without the knowledge or consent of the user. It is a Windows PE EXE file. It is not packed in any way. The file is 8,192 bytes in size.

Details
Galicia.840

This is relatively harmless, non-memory resident encrypted parasitic virus. It searches for COM files, then writes itself to the beginning of the file. In odd months (January, March, all), the virus drops boot virus Galicia.b to the MBR of the hard drive.
The virus contains the following text strings:
Antitelefónica Galicia!

Details
Galicia.800

It’s a not dangerous memory resident encrypted boot virus. On loading from infected disk it hooks INT 13h and infects MBR of hard drive and Boot-sectors of the floppies. On May, 22th at 12am it types the message: “Galicia contra telefonica!”. It contains the ID-word “V1″.

This Trojan downloads files via the Internet without the user’s knowledge or consent. It is a Windows PE EXE file. The file is 3,072 bytes in size. It is written in Assembler.

Installation

Once launched, the Trojan registers itself in the system registry:…

This Trojan extracts another Trojan program from its body. It is an HTML file. The file is 2844 bytes in size.