Zmist

Template:Short description Template:Infobox computer virus Zmist (also known as Z0mbie.Mistfall) is a metamorphic computer virus^[1]^[2] created by the Russian virus writer known as Z0mbie. It was the first virus to use a technique known as "code integration". In the words of Ferrie and Ször:^[3]

This virus supports a unique new technique: code integration. The Mistfall engine contained in it is capable of decompiling Portable Executable files to [their] smallest elements, requiring 32 MB of memory. Zmist will insert itself into the code: it moves code blocks out of the way, inserts itself, regenerates code and data references, including relocation information, and rebuilds the executable.

Variants

Zmist.gen!674CD7362358 - discovered in 2012.
ZMist!IK - discovered 2011 - 2012.
Zmist.A - discovered in 2006 - 2007.

References

↑ Aspevik, Egil; Detection of Junk Instructions in Computer Viruses, Masters Thesis, May 2008, University of Oslo (UiO).
↑ Script error: No such module "citation/CS1".
↑ Ferrie, Peter; and Ször, Péter; Zmist opportunities, Virus Bulletin, March 2001, Abingdon, Oxfordshire (UK), pp. 6–7

External links

Template:Asbox

[1] Aspevik, Egil; Detection of Junk Instructions in Computer Viruses, Masters Thesis, May 2008, University of Oslo (UiO).

[2] Script error: No such module "citation/CS1".

[3] Ferrie, Peter; and Ször, Péter; Zmist opportunities, Virus Bulletin, March 2001, Abingdon, Oxfordshire (UK), pp. 6–7

[1]

[2]

[3]

Zmist

Contents

Variants

See also

References

External links

Navigation menu

Zmist

Variants

See also

References

External links

Navigation menu

Search