| Description:
|
Details
Kasiunia.3773
It is a dangerous memory resident parasitic polymorphic and stealth virus. It writes itself to the end of EXE-files. When an infected file is executed, the virus hits the C:NCNC.EXE file, then it hooks INT 9, 10h, 17h, 1Ch, 21h. The virus infects the files when intercepts DOS calls Close, FindFirst/Next ASCII.
The virus manifests itself in different ways. It drops the C:KASIUNIA.LZH archive that I cannot unpack, while executing of TD.EXE file the virus displays (the grammar mistake is in the original text):
Dual memory acces - uncorrect internal Turbo Debuger error.
Please run TD286.EXE to work without this error.
The virus also patches the system memory at random selected addresses, deletes anti-virus data files, beeps by PC speaker, changes the symbols that are displayed. The virus also contains the text strings:
Win
C:nCNc.exe
CPSTAGTD.MSACPA
c:KasIuNiA.lZh
Panie Marku, przepraszam, ale to moj 2 wirusall |
