SecurityHome.eu Win32.Muce.A

Home / malware PDF

Win32.Muce.A

First posted on 21 November 2011.
Source: BitDefender
Aliases :
Win32.Muce.A is also known as Win32.Puce.A.
Explanation :
The virus is written in Borland C++. Once executed, it searches for executable files on current drives (from C: to Z: - even mapped drives), and infects them.

The original file is encrypted and inserted into the resource section of a new copy of the virus. The encryption key is randomly generated, and inserted into the same resource section.

When executing an infected file, the virus extracts the victim file from its resource section, decrypts it, drops the decrypted file, and then executes it.
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20