Virus targets AMD64


Virus targets AMD64

Symantec's security response experts have discovered the first proof-of-concept virus targeting AMD64, the W64.Shruggle.1318.

Written in AMD64 assembly code and based on the W32.Shrug virus, W64.Shruggle.1318 is a direct-action file infector, similar to W64.Rugrat.3344, which infects AMD64 Windows Portable Executable files.

W64.Shruggle.1318 searches 64-bit executable files in the folder where the virus was executed and all subfolders. When it finds a 64-bit executable file, the virus appends itself to all but .dll files.

"W64.Shruggle.1318 is a fairly simple proof-of-concept virus. However, it is the first known virus to attack 64-bit Windows executables on AMD64 systems," said Patrick Evans, regional manager at Symantec Africa.

The virus does not infect 32-bit Portable Executable files, and it will not run natively on 32-bit Windows platforms. However, it can be run on a 32-bit computer that is using 64-bit simulation software.

AMD began shipping AMD Athlon 64 desktop and notebook processors in September 2003 and AMD Opteron processors for servers and workstations in April 2003.

Written by Computing SA staff


Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy