Details
Win95.Xine2.7363

This is a not memory resident Win95-virus. It searches for PE-EXE files in the current directory and infects them. While infecting the virus appends new section (name – “.Xine2″) to the end of the file and writes itself to there, then it modifies the file PE-header. To call the file access functions the virus performs direct calls to Win95 kernel. The virus contains the data that is a ZIP file containing the virus source code.

Related Posts

This entry was posted on Friday, August 8th, 2008 at 11:50 pm and is filed under Virus Threats.