|File Type||Win32 PE executable (.EXE)|
The trojan itself is activated without warning.
When the trojan is activated, the trojan's payloads will be triggered on certain dates.
This payload activates in October. This payload makes the background glitch up into multiple backgrounds moving while it is flashing. If the user opens a window, that window will replace the image on the background until it is closed.
Payload 2 does almost the same as Payload 1, as it also causes the background to glitch up, but makes the background move more wave-like.
In this payload, if the user opens a window, it takes a screenshot and sets it as the user's background.
This is the last known payload of the virus that activates on Friday the 13th. It first ejects the user's C:\ drive (similar to PCToaster), thus resulting in many programs not working. It tries to do this while the trojan is loading to corrupt the startup files. A successful attempt will result in when the user reboots, there will be either a booting error, or a Blue Screen of Death. Either way, the user has to fix the PC with startup repair or a repair CD. Due to exploit fixing, this is the only payload that can't be run on Windows 10, unlike PCToaster, which works on all versions of Windows.
- Viewer-Made Malware 13 - EscalationBomb (Win32) (Flashing lights warning)