Class | Virus |
Platform | Win32 |
Description |
Technical DetailsThis is a family of dangerous Win32 viruses. Win32.Chiton.lWhen launching, the virus writes itself to vb6eng.dll. When any application which uses this DLL is launched, the virus will search for and infect Win32 applications (PE files). When infecting files, it writes itself to the end of the file. It does not re-infect already infected files. The virus does not manifest its presence in the system in any way. It contains the text string;
Win32.Chiton.mThis virus searches for and infects PE files. EXE files are infected by patching the API Process Thread Creation offset. Other PE files will be infected by replacing the code at entry point with the virus code. This virus does not re-infect already infected files. The virus includes antidebugging techniques. The virus does not manifest its presence in the system in any way. The virus code contains errors. It contains the text string:
|
Find out the statistics of the threats spreading in your region |