Virdem Explained

Virdem was the first file virus for MS-DOS.[1] It was written by Ralf Burger in 1986 as a demonstration program for Chaos Computer Club conference. The virus spreads by attaching itself to files with the .COM file extension. It is one of the oldest viruses for MS-DOS computers.[2]

In December 1986, Burger distributed the virus at the Chaos Computer Club conference in Hamburg, Germany.[3] The virus could copy itself and attach that copy to any .COM files. Virdem was fairly harmless [4]

Infection and symptoms

Virdem overwrites the host with its own code and saves the original program at the very end. It was a direct-action virus It only infected files that had a COM extension.[5] When an infected file is run, the next uninfected program becomes infected.

When infected, small COM files, less than 11k, grow by 2559 bytes and larger files grow by 1336 bytes. Infected programs ask to guess a number between is the generation number of the virus plus one. If you guess correctly, the program runs if not, it returns to DOS.

Technical details

It doesn't intercept interrupt 24h so a write-protected disk will give an "Abort, Retry, Ignore" message. Read-only files are set to read/write, infected and then not set back to read-only. The virus had two NOP instructions at the beginning of the file.[6]

References

  1. Book: Bhargav, Abhay . Secure Java: For Web Application Development . 2010-09-14 . CRC Press . 978-1-4398-2356-9 . en.
  2. Book: Skoudis . Ed . Malware: Fighting Malicious Code . Zeltser . Lenny . 2004 . Prentice Hall Professional . 978-0-13-101405-3 . en.
  3. Book: Salomon, David . Elements of Computer Security . 2010-08-05 . Springer Science & Business Media . 978-0-85729-006-9 . en.
  4. Book: Danesh . Arman . Safe and Secure: Secure Your Home Network, and Protect Your Privacy Online . Lau . Felix . Mehrassa . Ali . 2002 . Sams Publishing . 978-0-672-32243-3 . en.
  5. Book: Szor, Peter . The Art of Computer Virus Research and Defense . 2005-02-03 . Pearson Education . 978-0-672-33390-3 . en.
  6. Book: Solomon, Alan . PC Viruses: Detection, Analysis and Cure . 2012-12-06 . Springer Science & Business Media . 978-1-4471-1031-6 . en.

External links