Win32.Murofet: what day is today?

Discussion in 'malware problems & news' started by Dermot7, Oct 10, 2010.

Thread Status:
Not open for further replies.
  1. Dermot7

    Dermot7 Registered Member

    Dec 20, 2009
    Surrey, England.
    " Murofet is able to infect executable files by injecting about 2000 bytes of its code at the end of the PE executable section; then the OEP is hijacked to the virus body.

    This small viral code acts as a downloader, used by Murofet to drop on the system its main binary. When the infected file is run, the injected code imports some APIs used by the malware to create a new viral thread and then allows the original infected application to run."

    Looks sophisticated? Thought some might like to see, from Prevx blog:
  2. CloneRanger

    CloneRanger Registered Member

    Jan 4, 2006
    Thanks for the link etc :thumb:
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.