Zmist

Win32.Zmist
Aliases Z0mbie.Mistfall
Type Computer virus
Isolation 2002
Point of origin Russia
Author(s) Z0mbie
Operating system(s) affected Windows
Filesize 9 kbytes

Zmist (also known as Z0mbie.Mistfall) is a metamorphic computer virus[1] created by the Russian virus writer known as Z0mbie. It was the first virus to use a technique known as "code integration". In the words of Ferrie and Ször:[2]

This virus supports a unique new technique: code integration. The Mistfall engine contained in it is capable of decompiling Portable Executable files to [their] smallest elements, requiring 32 MB of memory. Zmist will insert itself into the code: it moves code blocks out of the way, inserts itself, regenerates code and data references, including relocation information, and rebuilds the executable.

The virus has also been described in [3]

Variants

See also

References

  1. "ZMist: next generation viruses coming up". Wilders Security. Retrieved 18 February 2013.
  2. Ferrie, Peter; and Ször, Péter; Zmist opportunities, Virus Bulletin, March 2001, Abingdon, Oxfordshire (UK), pp. 6–7
  3. Aspevik, Egil; Detection of Junk Instructions in Computer Viruses, Masters Thesis, May 2008, University of Oslo (UiO).


This article is issued from Wikipedia - version of the 4/1/2015. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.