Maximize
Bookmark

VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

Source code of computer viruses

CAPZLOQ TEKNIQ v1.0 - Virus for Linux by JPanic

Virus for Linux

JPanic
Show all viruses by this author

2006-04-05

Comments
Download clt.zip (528657 bytes) or browse online

Author's description

CLT10 is a 1.2k infector of Win32 PE and Linux ELF files. The virus runs under 2 very different platforms: Win32 and Linux. One of the main aims of this virus, besides running under dual Operating Systems, is keeping it small and simple.

On execution under either Operating System the virus attempts to infect all PE and ELF files in the current directory. Under Win32 the virus calls Kernel32.dll, whilst under Linux the virus calls INT 0x80.

Infection of Win32 PE files is achieved by adding the virus to the last section. This is a fairly standard method. When infecting Linux ELF files, the virus creates a cave after the PHdrs, before ".text".

The virus is written in TASM and assembles and links to a Win32 PE host. This host can be used to infect other PE or ELF files.

The virus is built with Borland 'make' - see <'make' commands>.

- Best wishes: JPanic (aka Sepultura, aka The Soul Manager)!.


By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! vxer.org aka vx.netlux.org