8326442@AWIWUW11.BITNET (Martin Zejma) (06/24/91)
Hello virus-community |
About 2 month ago I got a (the) Whale-Virus from a friend, cause I've
been interested in dissasembling that famous monster ( just from the
size ).
After long nights of work I discovered almost all of the code, and it
seemed to be quite trivial , the unbelieveable mysterious actions I
expected to see didn't exist.
So the question is:
IS there ANY action triggered beside copying the MBR from the 1st
harddisk to a file appended with a warning message about the Fish #6
Virus and leaving some infected files destroyed ??? ( something like
the nice falling letters triggered by the Cascade Virus ?? )
So long, Martin
PS.: if anybody wants more or less specific information about the Whale ,
feel free to e-mail me.
+-----------------------------------------------------------------------+
| Martin Zejma 8326442 @ AWIWUW11.BITNET |
| |
| Wirtschaftsuniversitaet Wien --- Univ. of Economics Vienna/Austria |
+-----------------------------------------------------------------------+CHESS@YKTVMV.BITNET (David.M.Chess) (06/27/91)
No, I don't think anyone's ever found any evidence of any significant "payload" inside the Whale. It spent so much (primarily futile) effort in being hard to analyze that it didn't have room for any sophisticated payload (or even for correct operation, hehe!). DC