Welcome to the Computer Security Wiki! You can help us by expanding stubs, create new articles and improve current articles.
You can also help us by logging-in or creating an account!

Thanksgiving

From Malware Wiki
Jump to: navigation, search

Stubsymbol.png This article is a stub. You can help by editing it.

Thanksgiving
TypeVirus
Date1990
Programming LanguageAssembly
PlatformMS-DOS
File TypeDOS executable (.COM)
MZ executable (.EXE)
Alias(es)Virus.Boot.V1253/Thanksgiving
MD56795622fb8209d8d968e3cb7cbe118d7
SHA-12febd0a4119206918cdb38fa329b508f1a50630c
SHA-256128180e3ea7ed579fb62b1116b40dc95160c9897e869b8237f6d80cb402611a6
SSDEEP24:gHWZMZ/pTKDziY6o0BDUVOGtRyvYQH3T/by6qX0pvEdPCvnifDL:gMGpTKDzBuBmUvYQD/bvvKvf
This box: view  talk  edit

Thanksgiving (Also known as Virus.Boot.V1253/Thanksgiving) is a virus than runs on DOS. It activates on Thanksgiving day.

Payload

When the virus is run, it infects all .COM files and attempts to infect the master boot records of hard disks and floppy disks. However, the virus does not check to see if the disk it is attempting to infect is write-protected. If the disk is write-protected, the system shows the user an error report. When the user looks at the directory of a .COM file, the file will increase in file size.

If the computer is booted on Thanksgiving of 1990 or later, the virus will overwrite the first seventeen sectors of the first two heads of the hard disk, which renders the partition table unusable and makes all data inaccessible. If the user reboots on this date or later, there will be no boot sector on the hard disk, which makes the system unable to boot up.

Media