Unlike other articles, this brief did not focus on the AMD64 aspect of the infector, but its ability to use some new techniques to protect its execution from defensive reverse engineering.

The original brief was careful to discuss the virus as an infector of the Windows hooks into the AMD64 platform.

That said, I did not highlight the Intel processor which also uses the AMD64 technology nor did I mention that a 32-bit version of the virus use similar obfuscation techniques, so the article has been corrected to include those points.

-R

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/292/1334#1334