Threat Description

Other:​W32/Constructor

Details

Aliases: Virus Creation Tool, Virus Construction Kit, Virus:​W32/Constructor, VIRTOOL
Category: Malware
Type: Constructor
Platform: W32

Summary



A program or utility used to construct malware.



Removal



Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.



Technical Details



A Constructor is a virus creation toolkit used by malware authors to assemble malware from prepared 'building blocks' of code. Such programs allow users with little technical knowledge to easily create a complex polymorphic malware. The most famous Constructors are VCL, SennaSpy, BWG, PS-MPC, TPPE and IVP .

Constructor kits come with a variety of options, ranging from very simple to very sophisticated. A typical kit is very easy to use, as it eliminates the need for programming knowledge and skills. A user can create malware simply by selecting the features desired.

A Constructor kit's ease of use is demonstrated by an incident in which an unknown person created more than 15,000 viruses using a constructor and sent them to antivirus companies.

Fortunately, because the malware produced from these programs uses a finite set of code blocks and known polymorphic engines, they can be detected using Generic Detections.






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More