F-Secure Virus Descriptions : Moloch
This is a boot sector virus, which contains the following encrypted
texts:
OH-MY-GOD! Moloch (tm) is here!
Moloch is a trademark of SquiBoyz
The virus modifies only few bytes in the boot sector. It uses
variable encryption.
Moloch also modifies the CMOS settings to force a boot to happen
always from the hard drive. Finally, Moloch uses direct I/O to
control the hard drive, which makes it quite difficult virus
to bypass if it's already resident in memory.
[Analysis: Mikko Hypponen, F-Secure]
|
