| Description:
|
Details
WWPE.Rsa.4568
It is a very dangerous memory resident parasitic polymorphic virus based on WWPE mutation engine. It hooks INT 21h and writes itself to the end of COM and EXE files that are executed, opened, or accessed by Get/Set Attributes DOS call. The virus also affects ARJ and ZIP archives - when these archives are accessed, the virus adds to their contents the infected C00LBBS.COM file. This file also contains virus video effect - when it is executed, it drops the virus and displays flame on the screen.
Depending on the system timer the virus disables writing to files - that may corrupt data on disk. The virus has bugs and may halt the system or/and corrupt files while infecting them. The virus contains the text strings:
$$temp$$
Wild W0rker /RSA
WWPE v0.1 |
