Peter Ferrie
Virus Bulletin, Mar 2010, pp. 4-6
ISSN 0956-9979
March 2010
Download PDF (45.16Kb) (You need to be registered on forum)If a file contains no code, can it be executed? Can arithmetic operations be malicious? Here we have a file that contains no code, and no data in any meaningful sense. All it contains is a block of relocation items, and all relocation items do is cause a value to be added to locations in the image. So, nothing but relocation items – and yet it also contains W32/Lerock.