Details
DieHard2.4000.a

This is a dangerous memory resident parasitic encrypted stealth virus. It hooks INT 21h and writes itself to the end of COM- and EXE-files that are accessed. It overwrites the source files with the following strings:
.model small
.code
org 256
s: push cs
pop ds
call t
db ‘-Ñ$’
t: pop dx
mov ah,9
int 33
mov ah,76
int 33
end s
begin
write(’-Ç’);
end.

It also contains the following internal text strings:
SW Error
SW DIE HARD 2

Related Posts

This entry was posted on Saturday, September 23rd, 2006 at 12:00 pm and is filed under Virus Threats.