virus logo Virus

Krueger.2271

description-logoAnalysis


  • This is a polymorphic virus that infects COM and DOS EXE files.

  • When an infected file is executed, the virus stays resident in memory by hooking Interrupt 21h.

  • The infection routine is triggered through various actions by the user, such as the following:
    • setting the current directory
    • creating a file
    • opening an existing file
    • deleting a file
    • getting/setting file attributes
    • renaming a file
    • executing a program

  • It appends its code to target host files.

  • The virus contains the following text strings:
    • Freddy KRueGer 2.1
    • Hi Fridrik!


Telemetry logoTelemetry

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR
ID 22847
Released Oct 01, 1998
Description
Updated		 Jun 18, 2010
Aliases Virus.DOS.Freddy.2271 (KAV), FREDDY.2.1 (Trend), Freddy.2271 (McAfee)