Maximize
Bookmark

VX Heavens

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

Doin' the eagle rock

Peter Ferrie
Virus Bulletin, Mar 2010, pp. 4-6
ISSN 0956-9979
March 2010

PDFDownload PDF (45.16Kb) (You need to be registered on forum)
[Back to index] [Comments (2)]

Abstract

If a file contains no code, can it be executed? Can arithmetic operations be malicious? Here we have a file that contains no code, and no data in any meaningful sense. All it contains is a block of relocation items, and all relocation items do is cause a value to be added to locations in the image. So, nothing but relocation items – and yet it also contains W32/Lerock.

[Read the article]

deenesitfrplruua