Win32.Liora.B
5 minute read Published:
Windows version of Linux.Liora
So I decided to port my Linux.Liora (https://github.com/guitmz/go-liora) Go infector to Win32 and it worked great. Minor tweaks were needed in the code, you can run a diff between both and check it out.
EDIT: Fixed the PE verification routine, it checks for a proper PE file now. Thanks hh86!
Virus source:
/* * Win32.Liora.B - This is a POC PE prepender written in Go by TMZ (2015). * * Win32.