Maximize
Bookmark

VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

Source code of computer viruses

Android - Virus for MS-DOS by Vecna

Virus for MS-DOS

Vecna
Show all viruses by this author

1997-00-00

Comments
Download android.zip (7564 bytes) or browse online

Author's notes

Ok, here is a boot virus which uses my engine, VRBL. The virus is a simple MBR/BOOT infector, with stealth only in the harddrive. It is fucking sim- ple. When you boot from a floppy, it infects the MBR and continues booting from the harddrive, so, if you forget a floppy in the drive and reboot, you won't be warned about this. Everything will work nice.

Int 13h is hooked, and if the harddrive MBR is accessed, the reads will be stealthed. When a floppy is accessed, the boot sector will be overwritten by the random loader, and the virus code will be put in the last sector of the root dir in 1.44 floppies. Other size of floppies will be probably da- maged, although this hasn't been tested yet.

The virus, to be really efficient, needs to be polymorphic in the code as well. To detect this virus, you only need to scan 0/0/3 in harddrives and 0/1/13 in floppies for a certain signature. Despite of this, Android will force AVs to change their scanners, because they will need to check other sectors than 0/0/1.


By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! vxer.org aka vx.netlux.org