Virus.Win32.HLLC.Sulpex.a

tag:Executable File and Boot Viruses

0 0

Suplex is a dangerous resident companion Win32 virus.

The virus itself is a Windows PE EXE file about 230 KB in length, written in Delphi and compressed by UPX.

Sulpex searches recursively for all files on disks A: to Z: (except files in the Windows directory) and then infects the files that have the .EXE extension and encrypts all other files.

While infecting the virus copies the original file with the same filename prefixed with "prm" (for example, "prmCALC.exe"), and overwrites the original file with itself.

The virus encrypts the first 4000 bytes of all files that do not have .EXE extension. When there are more than 1000 encrypted files it writes a text file that has a name starting with the word "warning" to the Windows desktop. This file contains strings written in Russian.

previous:Virus.Win32.HLLC.Nan
previous:Virus.Win32.HLLC.Susan

Virus Source from:

New articles

Virus.Win32.Chop.3808 It is not a dangerous nonmemory resident parasitic polymorphic Win32 virus. It searches for PE EXE files in the current directory, then writes itself to the en...Virus.Win32.Crypto This text was written with the help of Adrian Marinescu, GeCAD Software.This is a very dangerous memory resident parasitic polymorphic Win32 virus about 20K i...Virus.Win32.Delf.k This file virus replaces .exe files with its own body.The virus itself is a Windows PE EXE file 18944 bytes in size, written in Delphi. Payload...Virus.Win32.Devir This is a per-process memory resident parasitic poly-morphic Win32-virus. The virus infects PE EXE files that have .EXE filename extensions. When run, the viru...Virus.Win32.Ditex.aDitex is a memory resident parasitic Win32 virus. It is written in Microsoft Visual C and is about 33KB in size. The virus infects PE EXE files that have .EX...

Hot Articles

Virus.Win32.HLLC.Sulpex.a

Computer Virus Clounds