Skip to content

LEANDRO

Overview

Malware type: Boot

Aliases: Leandro Boot, Leandro & Kelly

In the wild: Yes

Destructive: No

Platform: Floppy and Hard disks

Encrypted: No

Overall risk rating:

Description: 
This boot sector virus infects all floppy disks that are not write-protected, as they are accessed. Its non-destructive payload activates on October 21 of any year, and displays the text "Leandro and Kelly! GV-MG-Brasil."

For additional information about this threat, see:

Description created: Mar. 9, 2000 1:45:50 PM GMT -0800


Technical Details

Payload 1: Displays Message (displays text string)

Trigger date 1: October 21

Trigger condition 1: accessing disks that are not write-protected

Trigger condition 2: (accessing disks that are not write-protected)

Details:
This boot sector virus infects both boot sectors of floppy disks and partition tables on hard disks. Infections occur when a system is booted from a disk infected with the virus. It is not necessary for the boot sequence to be complete, the virus will still infect.

The virus is programmed to load its viral program into memory. Once memory resident, the virus will infect all floppy disks that are not write-protected as they are accessed. In addition to infecting, Leandro contains a non-malicious payload. On October 21st of any year, the virus will display the following text:

Leandro and Kelly! GV-MG-Brasil

The text is followed by a date which typically matches the date of the first infection on the system.


Solution

response.write("SOLUTION NOT AVAILABLE IN THIS ENTRY.")

Connect with us on