Virus:W32/Relnek.A
Type:File infector
In the wild:No
Reported Infections:Low
Distribution Potential:Low to medium
Damage Potential:Medium
Static file:No
File size:12.288 Bytes
Engine version:7.09.00.236

 General Method of propagation:
   • Infects files
   • Mapped network drives


Aliases:
   •  Symantec: W32.Relnek.A
   •  Kaspersky: Virus.Win32.Agent.cx
   •  Bitdefender: Win32.Relnek.A


Platforms / OS:
   • Windows NT
   • Windows 2000
   • Windows XP
   • Windows 2003


Side effects:
   • Infects files

 File infection Infector type:

Appender - The virus main code is added at the end of the infected file.
– The following section is added to the infected file:
   • .TOT

Damaging - The files are improperly infected. Most of the time the infected files are broken and crash.


Stealth:
 EPO (Entry Point Obscuring) - The infected file's EP (Entry Point) remains the same. The virus patches the program code to redirect execution to the viral code.


Self Modification:

Encrypted - The virus code inside the infected file is encrypted.


Method:

This direct-action infector actively searches for files.


Infection length:

- 12.288 Bytes


The following files are infected:

By file type:
   • *.exe
   • *.com

Files in any of the following directories:
   • %all directories%

Description inserted by Daniel Constantin on Thursday, February 18, 2010
Description updated by Andrei Ivanes on Friday, February 19, 2010

Back . . . .