Maximize
Bookmark

VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

Looking a Bagift-Horse in the Mouth

Peter Ferrie, Frédéric Perriot
Virus Bulletin, March 2003, pp.4-5
ISSN 0956-9979
April 2003

PDFDownload PDF (43.05Kb) (You need to be registered on forum)
[Back to index] [Comments]

Abstract

[...] W32/Bagif is a polymorphically encrypted, entry point-obscuring, anti-heuristic, memory resident, parasitic infector of Windows Portable Executable files that are not DLLs. It replicates across mapped drives and shared directories on local area networks, and it appears to be based on the code of several existing viruses. In the same way that the author of W95/Bistro had his signature changed in the copy of the virus that was released, it is very likely that the author of W32/Bagif is not the one named in the code. [...]

[Read the article]

By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! vxheaven.org aka vx.netlux.org
deenesitfrplruua