Peter Ferrie
Virus Bulletin, Mar 2010, pp. 4-6
ISSN 0956-9979
March 2010
If a file contains no code, can it be executed? Can arithmetic operations be malicious? Here we have a file that contains no code, and no data in any meaningful sense. All it contains is a block of relocation items, and all relocation items do is cause a value to be added to locations in the image. So, nothing but relocation items – and yet it also contains W32/Lerock.