Fandom

Malware Wiki

Blazer

1,321pages on
this wiki
Add New Page
Comments0 Share

Virus.DOS.Blazer.1000 is a very dangerous parasitic virus on DOS.

BehaviorEdit

When the virus is run, it infects C:\COMMAND.COM, but no other files will be infected.

PayloadEdit

The virus activates when the value of day is equal to month and the hour is equal to minute (e.g. September 9th, 12:12).

It displays a chunk of assembly code, with its logo and copyright notice:

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
\ CSEG:OFFS OPCODE        PSEUDO INSTR.  /
/ 1F47:0103 90            NOP            \
\ 1F47:0104 0000          ADD [BX+SI],AL /
/ 1F47:0106 E80000        CALL 0109      \
\ 1F47:0109 5D            POP BP         /
/ 1F47:010A 81ED0901      SUB BP,0109    \
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
          -=≡ßL/\ZΣR≡=- (c)'1994

And deletes all files in the current directory, files in subdirectory are not affected. Since the files deleted are located at the uppermost directory including hidden system files IO.SYS and MSDOS.SYS, when the computer is rebooted, it will fail to load the system.

Other detailsEdit

Deleted files are possible to recover using Undelete before rebooting, but the infected COMMAND.COM must be replaced with a clean copy, or the virus might activate again or hang the system when it is loaded next time.

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.