Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] New Proof-of-Concept Virus for Windows

Malware targets security research tool

,----[ Quote ]
| The malware infects the scripting language used by IDA, elements of which
| are sometimes shared between researchers during joint analysis efforts,
| to create a Windows executable file. This executable searches out new IDC
| files to create a new executable file. Gattmann is programmed only to
| spread and doesn't feature any malicious payload.
| 
| Gattman is a polymorphic virus, a technique that has fallen out of favour
| in recent times, which means it alters its appearance as it spreads. Both
| the IDC and EXE parts of this virus can change their form as they
| replicate. The changes in EXE files generated by Gattman use
| file-morphing utilities on each infected PC. Such utilities are
| often found on the PCs of malware researchers but uncommon more
| generally.
`----

                http://www.theregister.co.uk/2006/07/06/gattmann_virus/

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index