Sometimes I really wonder, how complex the mythology about viruses and antiviruses is. Five minutes spent on a random community server, where people are talking about malware (except few special forums), can give you a hint what I mean. It is not a purpose of this post to refutate the widespread gossip, that AV vendors are writing malware just to be the first to detect it etc. What I want to show you is the relation between a formal description of a virus and its raw characteristics. I’m trying to choose the right samples for you (actually the samples, which are used to test an internal emulator), which contain a lot of nicely visible ASCII strings. Hopefully, you’ll catch the point of the “Inside” series – malware analysis is not a sci-fi :-). Let’s look at Alma.