Threat Description

Other:​W32/Constructor

Details

Aliases:Virus Creation Tool, Virus Construction Kit, Virus:​W32/Constructor, VIRTOOL
Category:Malware
Type:Constructor
Platform:W32

Summary



A program or utility used to construct malware.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More

You may wish to refer to the Support Community for further assistance. You also may also refer to General Removal Instructions for a general guide on alternative disinfection actions.



Technical Details



A Constructor is a virus creation toolkit used by malware authors to assemble malware from prepared 'building blocks' of code. Such programs allow users with little technical knowledge to easily create a complex polymorphic malware. The most famous Constructors are VCL, SennaSpy, BWG, PS-MPC, TPPE and IVP .

Constructor kits come with a variety of options, ranging from very simple to very sophisticated. A typical kit is very easy to use, as it eliminates the need for programming knowledge and skills. A user can create malware simply by selecting the features desired.

A Constructor kit's ease of use is demonstrated by an incident in which an unknown person created more than 15,000 viruses using a constructor and sent them to antivirus companies.

Fortunately, because the malware produced from these programs uses a finite set of code blocks and known polymorphic engines, they can be detected using Generic Detections.






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More