June 8th, 2009

Inside Win32:Alma

Sometimes I really wonder how complex the mythology about viruses and antiviruses is. Five minutes spent on a random community server where people talk about malware (a few specialized forums excepted) will give you a hint of what I mean. It is not the purpose of this post to refute the widespread gossip that AV vendors write malware just to be the first to detect it, and so on. What I want to show you is the relation between the formal description of a virus and its raw characteristics. I am trying to choose the right samples for you (in fact, the samples used to test an internal emulator), ones that contain a lot of clearly visible ASCII strings. Hopefully you will catch the point of the “Inside” series: malware analysis is not sci-fi :-). Let’s look at Alma.

