Raptor Virus


 Virus Name:  Raptor 
 Aliases:    
 V Status:    Rare 
 Discovery:   July, 1994 
 Symptoms:    .EXE file growth; 
              decrease in total system & available free memory 
 Origin:      Unknown 
 Eff Length:  1,806 - 1,816 Bytes 
 Type Code:   PRhE - Parasitic Resident .EXE Infector 
 Detection Method:  F-Prot, AVTK, IBMAV, ViruScan, Sweep, NAV, NAVDX, 
                    VAlert, PCScan, ChAV, 
                    AVTK/N, Sweep/N, NProt, IBMAV/N, NShld, NAV/N, LProt, 
                    Innoc 4.0+ 
 Removal Instructions:  Delete infected files 
 
 General Comments: 
       The Raptor virus was submitted in July, 1994.  Its origin or point of 
       isolation is unknown.  Raptor is a memory resident fast infector of 
       .EXE programs. 
 
       When the first Raptor infected program is executed, this virus will 
       become memory resident at the top of system memory but below the 640K 
       DOS boundary, not moving interrupt 12's return.  Total system and 
       available free memory, as indicated by the DOS CHKDSK program, will 
       have decreased by 2,992 bytes.  Interrupt 21 will be hooked by the 
       virus in memory. 
 
       Once the Raptor virus is memory resident, it will infect .EXE programs 
       when they are executed, opened, or copied.  Infected .EXE programs 
       will have a file length increase of 1,806 to 1,816 bytes with the 
       virus being located at the end of the file.  The program's date and 
       time in the DOS disk directory listing will not be altered.  No text 
       strings are visible within the viral code. 
 
       It is unknown what Raptor may do besides replicate. 
 
       Known variant(s) of the Raptor virus include: 
       Raptor.B: Received in February, 1995, Raptor.B is a minor 
               variant of the Raptor virus described above.  The following 
               text strings are encrypted within the viral code: 
               "The Raptor virus version 1.7" 
               "Copyright 3.12.1993 - Hacker club Brno - Czech republic" 
               "Don't panic!! This virus doesn't destroy data! I am 
                mostly kindly virus!!' 
               "I should inform you that soon comes Raptor2.0 with 
                special sealth systems!" 
               "You can be sure that Raptor2 will be totally untouchable!" 
               "/? nebo /h zobrazi tyto radky" 
               Origin:  Unknown  February, 1995. 
       Raptor.C: Received in February, 1995, Raptor.C is a minor 
               variant of the Raptor virus described above. 
               Origin:  Unknown  February, 1995.

Show viruses from discovered during that infect .

Main Page