Image default
Softorial

Virus Tutorial – Virus Structure

In general Virus have a little bit same structure, and it can be distinguishable to some code, that is :

  1. Virus Sign Code

Every virus have their identity. It can make from some of character or byte as a programmer want. Example, Virus A have a X sign and Virus B have a Y sign, so viruses can be identified by Antivirus as according to the sign. In hallo.roro.htt Virus the sign is a file in desktop.ini that have 299 byte size, or in w32.redlof.html Virus it has a folder file .htt as a sign in every folders with 13 Kb size.

 

  1. Virus Multiplication Code

A progam can not be categorized as a Virus if the program can’t duplicate theirself. For example, hallo.roro.htt Virus duplicating theirself  use a syssrv.exe program. The result of duplicating store in a desktop.ini file that have 299 byte size and hallo.roro.htt. So many ways that age of Viruses now to duplicate theirself .

 

  1. Defending And Hidding Detection Code

This code need to outwit the Antivirus. It can be with encrypt the file of the virus, unvicible the process of the computer, or show up the message while we try to run the virus application.

 

  1. Trigger Code

Every virus have a program or code to activate the main program. This program or code can be triggered assorted manner, for example, the virus active while we click or open the file from windows explorer. Or use a name with anna-kournikova.jpg.exe. With this name people will estimate that file is .jpg (Image File), in the fact that file is an application or file.exe or w32.hllw.pesin  Virus. The trigger file is SysTask.exe with MS-WORD icon. So user will be deceived and estimate that SysTask.exe is a MS-Word file.

 

  1. Manipulating Code

The function of this code is to delete the file, run some of  the application steal and send the data to an e-mail. The limitation of this manipulating is up to the maker, because of this the virus are categorized in program that has botch.

Related posts

Virus Tutorial – Kick Sothink (Flash Ship-Breaker) Using VB

adminviro

P3K Virus – Source Code Program FixDiary untuk Virus Diary dot exe

adminviro

Virus Tutorial – Weapons that need to kill virus

adminviro

Leave a Comment