DMS 2.06 Trojan:
 ----------------

 Filelength 45732 Bytes (partly packed)

 This trojan was spreaded around 2-3.01.1995. in Europe. The "4eb9"
 linker was used to link an additional code on a normal DMS version.
 DMS 2.06 is at this time NOT released. The linked programm contains
 a FastCall hacking system, which is a little bit more advanced in
 comparison to the code in the LHAV3 or in the Vtek22 trojans. The
 trojan tests for the SnoopDos task and skips, if this task was
 found.

 The mailbox hacker is crypted with a quite nice eor-loop. The main-
 part is packed with something different, but I was too lazy too
 check this out, because it`s for the virus quite irrelevant.



 Shortcut from the decrypted file:

       'S:HauptPfad'
       'User/SYSOP/Userdaten'
       'User/Slayer/.index'
       'User/Slayer/.txt'
       'Absender  : SLAYER'
       'Betreff   : Test'
       'Datum     : 16.11.1994'
       'Uhrzeit   : 22:02:41'
       'Zeilen    : 2'
       '16.11.1994 22.02.41    1 Asc Slayer     '
       '       Test'
       'SnoopDos'
       'dos.library'
       'User/Slayer/lesemeldung'



 File-ID description of this trojan:


 -==--==--==--==--==--==--==--==--==--=-
 |     __  ______                       |
 |    /  \ \  |: / /\    - DMS 2.06 ---  |
 |   / _ \\ \ ! / / \                  .|
 |  // |  \\/   \//  \\/\  -cRACKED     :|
 | /     \: \    \\ \      vERSION :|
 |/____|_____\|___\_____\_\            .:|
 |            !                        ::|
 |                                   .:::|
 |                         .......:::::::|
 -==--==--==--==--==--==--==--==--==--=-



 Test by Markus Schmall

[Go back]