I grabbed 30 random DOS malware samples from my collection, rolled via urand over a Python list, and tried to figure out how they work.
Results:
1x zipped EICAR
4x working but effectively useless ("yeah you wiped the first 100 sectors of the drive... but you wrote their prior contents. Literally nothing's changed...")
10x CPU hang
10x crashdump back to DOS
5x crashdump back to DOS but ERRORLEVEL=0 so normal termination despite real errors being given?
Also make sure SOURCER is disassembling using 486 or Pentium opcodes, or it misses some 286/386 opcodes and will count half the program as data.