| ||||||||||||||||
Win32.Duel 1.1
by DR-EF
See also the project folder |-----------------------------------------------------------------------| |:::::::-. ... :::.,:::::: ::: :::::::..-:. ::-. | | ;;, `';, ;; ;;;;;;;'''' ;;; ;;;'';;'';;. ;;;;' | | `[[ [[[[' [[[ [[cccc [[[ [[[__[[\. '[[,[[[' | | $$, $$$$ $$$ $$"""" $$' $$""""Y$$ c$$" | | 888_,o8P'88 .d888 888oo,__ o88oo,.__ _88o,,od8P ,8P"` | | MMMMP"` "YmmMMMM"" """"YUMMM""""YUMMM ""YUMMMP" mM" | | | | :::::::-. :::::::.. .,:::::: .-:::::' | | ;;, `';,;;;;``;;;; ;;;;'''' ;;;'''' | | `[[ [[ [[[,/[[[' [[cccc [[[,,== | | $$, $$ $$$$$$c cccc $$"""" `$$$"`` | | 888_,o8P' 888b "88bo, 888oo,__ 888 | | MMMMP"` MMMM "W" """"YUMMM"MM, | |-----------------------------------------------------------------------| |Win32.Duel v1.1 (c) 2006 by DR-EF | |--------------------------------- | |Virus Name :Win32.Duel | |Virus Type :PE/Rar Infector & Massmailer | |Virus Author :DR-EF | |Author Homepage:http://home.arcor.de/dr-ef/ | | | |Virus Features : | |---------------- | | 1)Infect PE files by adding loader code into the | | aligned space of the host's code section (same | | (as win32.x-worm) | | 2)infecting Rar archives by adding virus file | | 3)does not infect sfc protected files | |Mail Worm Features: | |------------------- | | 1)find emails in txt,htm,hta & in the Windows address | | book | | 2)use its own base64 encoder & smtp engine | | 3)spoof sender address | | 4)have its own MX Dns resolver | | | |General Malware Features: | |------------------------- | | 1)run as service process under win9x/me | | 2)disable winxp firewall | | 3)destructive payload | | 4)operation log system | | 5)notify on irc for every new infection | | 6)use mutex to avoid multi executions | | 7)kill av/firewalls/anti trojan programs | | | |How To Compile: | |--------------- | | use microsoft visual c++ 6 with the latest updates to | | compile that virus | |-----------------------------------------------------------------------| |