Virus targets AMD64

News

Virus targets AMD64

Symantec's security response experts have discovered the first proof-of-concept virus targeting AMD64, the W64.Shruggle.1318.

Written in AMD64 assembly code and based on the W32.Shrug virus, W64.Shruggle.1318 is a direct-action file infector, similar to W64.Rugrat.3344, which infects AMD64 Windows Portable Executable files.

W64.Shruggle.1318 searches 64-bit executable files in the folder where the virus was executed and all subfolders. When it finds a 64-bit executable file, the virus appends itself to all but .dll files.

"W64.Shruggle.1318 is a fairly simple proof-of-concept virus. However, it is the first known virus to attack 64-bit Windows executables on AMD64 systems," said Patrick Evans, regional manager at Symantec Africa.

The virus does not infect 32-bit Portable Executable files, and it will not run natively on 32-bit Windows platforms. However, it can be run on a 32-bit computer that is using 64-bit simulation software.

AMD began shipping AMD Athlon 64 desktop and notebook processors in September 2003 and AMD Opteron processors for servers and workstations in April 2003.

Written by Computing SA staff
 
 
 

 


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy