1260 (computer virus): Difference between revisions

Content deleted Content added

Inline

Revision as of 21:24, 25 July 2012

1260, or V2PX^[1]^[2], was a computer virus written in 1989 by Mark Washburn that used a form of polymorphic encryption. Derived from Ralph Burger's publication of the disassembled Vienna virus source code, the 1260 altered its signature by randomizing and obfuscating its decryption algorithm in an effort to keep its signature length short and variable. Both the 1260 and Vienna infect .COM files in the current or PATH directories upon execution. Signature alteration of an authenticated executable file is detected by most modern computer operating systems.^[3]^[4]^[5]

References

^ "Threat Assessment of Malicious Code and Human Threats," History of Viruses, National Institute of Standards and Technology, Computer Security Division, internal report.
^ IBM's PC "Virus Timeline," IBM research report.
^ McAfee Labs Threat Center, Details and results of V2PX virus analysis.
^ "Patricia Hoffman's VSUM Virus Information Summary List," V2P6 virus.
^ "1260 (computer virus)," article.

This malware-related article is a stub. You can help Wikipedia by expanding it.

1260, or V2PX

[1] "Threat Assessment of Malicious Code and Human Threats," History of Viruses, National Institute of Standards and Technology, Computer Security Division, internal report.

[2] IBM's PC "Virus Timeline," IBM research report.

[3] McAfee Labs Threat Center, Details and results of V2PX virus analysis.

[4] "Patricia Hoffman's VSUM Virus Information Summary List," V2P6 virus.

[5] "1260 (computer virus)," article.

[1]

[2]

[3]

[4]

[5]

Revision as of 21:21, 25 July 2012 edit 67.4.129.94 (talk) No edit summary ← Previous edit		Revision as of 21:24, 25 July 2012 edit undo 67.4.129.94 (talk) No edit summary Next edit →
Line 1:		Line 1:
	'''1260''', or V2PX<ref>[http://csrc.nist.gov/publications/nistir/threats/subsubsection3_3_1_1.html "Threat Assessment of Malicious Code and Human Threats,"] History of Viruses, National Institute of Standards and Technology, Computer Security Division, internal report.</ref><ref>[http://www.research.ibm.com/antivirus/timeline.htm IBM's PC "Virus Timeline," ] IBM research report.</ref>, was a [[computer virus]] written in 1989 by [[Mark Washburn]] that used a form of [[Polymorphic code\|polymorphic encryption]]. Derived from Ralph Burger's publication of the [[Reverse engineering\|disassembled]] Vienna virus [[source code]], the 1260 altered its [[Antivirus_software#Signature-based_detection\|signature]] by [[Randomization\|randomizing]] and obfuscating its [[decryption]] [[algorithm]] in an effort to keep its signature length short and variable. Both the 1260 and Vienna infect [[.COM]] files in the current or [[PATH (variable)\|PATH]] directories upon execution. Signature alteration of an authenticated executable file is detected by most modern [[Operating_system\|operating systems]].<ref>[http://www.mcafee.com/threat-intelligence/malware/default.aspx?id=98074 McAfee Labs Threat Center], Details and results of V2PX virus analysis.</ref><ref>[http://wiw.org/~meta/vsum/view.php?vir=1476 "Patricia Hoffman's VSUM Virus Information Summary List,"] V2P6 virus.</ref><ref>[http://www.articleworld.org/index.php?title=1260_(computer_virus)&printable=yes "1260 (computer virus),"] article.</ref>		'''1260''', or V2PX<ref>[http://csrc.nist.gov/publications/nistir/threats/subsubsection3_3_1_1.html "Threat Assessment of Malicious Code and Human Threats,"] History of Viruses, National Institute of Standards and Technology, Computer Security Division, internal report.</ref><ref>[http://www.research.ibm.com/antivirus/timeline.htm IBM's PC "Virus Timeline," ] IBM research report.</ref>, was a [[computer virus]] written in 1989 by [[Mark Washburn]] that used a form of [[Polymorphic code\|polymorphic encryption]]. Derived from Ralph Burger's publication of the [[Reverse engineering\|disassembled]] Vienna virus [[source code]], the 1260 altered its [[Antivirus_software#Signature-based_detection\|signature]] by [[Randomization\|randomizing]] and obfuscating its [[decryption]] [[algorithm]] in an effort to keep its signature length short and variable. Both the 1260 and Vienna infect [[.COM]] files in the current or [[PATH (variable)\|PATH]] directories upon execution. Signature alteration of an authenticated executable file is detected by most modern computer [[Operating_system\|operating systems]].<ref>[http://www.mcafee.com/threat-intelligence/malware/default.aspx?id=98074 McAfee Labs Threat Center], Details and results of V2PX virus analysis.</ref><ref>[http://wiw.org/~meta/vsum/view.php?vir=1476 "Patricia Hoffman's VSUM Virus Information Summary List,"] V2P6 virus.</ref><ref>[http://www.articleworld.org/index.php?title=1260_(computer_virus)&printable=yes "1260 (computer virus),"] article.</ref>

	==References==		==References==