VIRUS HELP TEAM


------------------------
Amiga Virus Encyclopedia
DMS 2.06 Trojan
------------------------
    
 
DMS 2.06 Trojan:

Filelength 45732 Bytes (partly packed)

This trojan was spreaded around 2-3.01.1995. in Europe. The "4eb9"
linker was used to link an additional code on a normal DMS version.
DMS 2.06 is at this time NOT released. The linked programm contains
a FastCall hacking system, which is a little bit more advanced in
comparison to the code in the LHAV3 or in the Vtek22 trojans. The
trojan tests for the SnoopDos task and skips, if this task was
found.

The mailbox hacker is crypted with a quite nice eor-loop. The main-
part is packed with something different, but I was too lazy too
check this out, because it`s for the virus quite irrelevant.


Shortcut from the decrypted file:

   'S:HauptPfad'
   'User/SYSOP/Userdaten'
   'User/Slayer/.index'
   'User/Slayer/.txt'
   'Absender  : SLAYER'
   'Betreff   : Test'
   'Datum     : 16.11.1994'
   'Uhrzeit   : 22:02:41'
   'Zeilen    : 2'
   '16.11.1994 22.02.41    1 Asc Slayer'
   'Test'
   'SnoopDos'
   'dos.library'
   'User/Slayer/lesemeldung'


File-ID description of this trojan:

-==--==--==--==--==--==--==--==--==--=-
|     __  ______                       |
|    /  \ \  |: / /\    - DMS 2.06 ---  |
|   / _ \\ \ ! / / \                  .|
|  // |  \\/   \//  \\/\  -cRACKED     :|
| /     \: \    \\ \      vERSION :|
|/____|_____\|___\_____\_\            .:|
|            !                        ::|
|                                   .:::|
|                         .......:::::::|
-==--==--==--==--==--==--==--==--==--=-


Test by Markus Schmall




Virum Help Team
Denmark & Canada
Copyright © All rights reserved
www.vht.dk