Virus.BAT.PolyBat

Home Threats Virus Virus.BAT.PolyBat

Class	Virus
Platform	BAT
Description	Technical Details This is a not dangerous nonmemory resident polymorphic BAT virus. It writes itself to the end of the files. When executed it searches for .BAT files in current, parent, current C: drive and root C: directories, then in all PATH directories and infect one batch file that is found. The virus uses polymorphic BAT engine similar to the “Batalia6” virus – it compresses itself with PKZIP and password, and adds to its entry code “junk” strings. The virus displays the text: (: PolyBat Morpher 🙂 While infecting a file the virus uses external DOS command and utilities: PKZIP, PKUNZIP, ATTRIB, FIND, and fails to infect the files if there are no such programs in PATH.
	Find out the statistics of the threats spreading in your region

Technical Details