------------------------
Amiga Virus Encyclopedia
ZonderKommando 1
------------------------
- ZonderKommando 1 file (name traceable)
Other name: Mongo09 see above
Known file: mongo09.exe
Directed against BBS.
Length packed: 1708 bytes
Unpacked length: 3368 bytes
No bent vectors:
No propagation as a burglary tool.
Looks for Snoopdo's end if yes
Searches for ACP.STARTUP If no end
Creates file FLT_DSQ.DMS (the hack file = data is encoded)
VT offers delete.
Extract from unpacked file:
4eaefeda 4a806730 4cdf7fff 4e755a6f N ... J.g0L. .NuZo
6e646572 204b6f6d 6d616e64 6f203230 or command 20
3038202d 20546865 204e6577 2047656e 08 - The New Gen
; .....
51c8fffa 4e750000 00000000 533a4143 Q ... Nu ...... S: AC
502e5354 41525455 50000000 00000000 P.STARTUP .......
; .....
00000000 00000000 0000434f 4e465f4c .......... CONF_L
4f43414c 2030322d 0075706c 6f61642f OCAL 02-.upload /
464c545f 4453512e 444d5300 75736572 FLT_DSQ.DMS.user
2e646174 61004242 535f4c4f 43415449 .data.BBS_LOCATI
4f4e2000 00000000 00000000 00000000 ON .............
; .....
00006262 733a636f 6e666967 30000000 ..bbs: config0 ...
; .....
00000000 00000000 536e6f6f 70446f73 ........ SnoopDos
Original test by Heiner Schneegold
Translated from german to english by Google translate