When the virus is loaded into memory, it first infects C:\COMMAND.COM, followed by hooking INT 21h and infects any executable that is run.
Under CHKDSK the files may appear an allocation error due to their size changes, while it is not observable as long as the virus stays memory resident.
The TSR code of the virus occupies 9,760 bytes in memory.
When an infected program is run on Friday 13th, it runs itself with a video effect.
Both of the size of the original sample or that in infected files are not equal to 4,568 bytes, even it is called as TPE.Kela.4568 in alias.
The virus contains the encrypted internal text strings:
[TPE 1.3] This is KELA-17 version virus. KELA-17 very nice virus . Ha Ha HaHa KELA - 17 TPE, KELA. Copyright (c) 1994 by KELA. All Rights Reserved. KELA