Tuts 4 You

Analyzing an MS-DOS malware (possibly). Is it possible to get more information on this malware, as I have not been able to decipher the actual effects and features of the malware? Findings: Not a PE file, nor an executable or DLL, and possibly some form of Cascade virus.

Info: Will be marked by Windows Defender as a Trojan. Unpack the malware in a sandbox to carry out testing; recommended to NOT unpack on your actual systems.

MS-DOS_Malware.zip

Edited by Nexusburst

That is a COM file, the very common file format back in the old DOS days. :) It doesn't have any headers; execution starts from the very beginning of the file.

It really is infected with the Cascade 1701 virus, but I can't determine the exact strain.
Cascade was a file-infecting virus, appending its code to the end of an infected file. You can read a short description here: https://wiw.org/~meta/vsum/view.php?vir=266

The closest *useful* source code I could find is this: https://github.com/guitmz/virii/blob/master/0-9/1704.asm - it is not the exact match (Cascade 1704) but is very well commented. It should get you started.
Other source codes (e.g. https://github.com/guitmz/virii/blob/master/0-9/1701.asm or https://github.com/guitmz/virii/blob/master/0-9/1701-b.asm) are pretty much useless.

As for the analysis environment - the IDA disassembler works fine if you set it to disassemble as 16-bit code. DOSBOX works well as the sandbox for debugging purposes.
Unfortunately I can't recommend any particular debugger, everything from the DOS days feels extremely user unfriendly. Pick whatever feels right to you.
