Исходные тексты компьютерных вирусов
Hiewg - Virus for Windows by roy g biv
Virus for Windows
roy g biv
Show all viruses by this author
2009-09-09
Download hiewg.zip (12571 bytes) or
browse onlineAuthor's comments
- parasitic direct-action infector of PE exe/dll (but not looking at suffix)
- infects files when Hiew loads them
- last section appender
- uses CRCs instead of API names
- section attributes are never altered (virus is not self-modifying)
- no infect files with data outside of image (eg self-extractors)
- uses new method to find kernel address (no hard-coded addresses, Windows 7 RC compatible!)
yes, just a W32.Hidan remake that infects Hiew instead of IDA
See also roy g biv "The Hiew Plugin framework"
Пожертвовать