A deep dive into the world of DOS viruses

Explaining in detail just how those little COM files infected and played with us back in the day

Video duration
00:38:12
Language
English
Abstract
It is now 27 years since MS-DOS 5.0 was released. During its day there was the threat of viruses breaking your system or making it act in unpredictable ways. Due to its age and near total lack of consumer use it is safe to assume that all of the viruses for MS-DOS have been written. Using community archives and modern analysis methods we can uncover how they worked and reflect on how things have changed.

Computers have come a long way in the last 27 years, and so has malware. This talk will start off with some of the most famous and widely known payloads and a basic guide on how MS-DOS runs applications, and we will work up from there to analysing all 17k+ samples that are in the archives, using automatic tooling to pick out some of the most interesting ones.

If you don’t have reverse engineering skills, don’t be afraid! We will start off with the basics of how the IBM PC works, MS-DOS execution, binary runtime, and how we automatically run/disassemble/trace/fuzz malware en masse.

Talk ID
9617
Event:
35c3
Day
2
Room
Borg
Start
11:30 p.m.
Duration
01:00:00
Track
Security
Type of
lecture
Speaker
Ben Cartwright-Cox
Talk Slug & media link
35c3-9617-a_deep_dive_into_the_world_of_dos_viruses

Talk & Speaker speed statistics

Very rough underestimation:
152.3 wpm
863.2 spm
Checking done: 100.0%
Syncing done: 0.0%
Transcribing done: 0.0%
Nothing done yet: 0.0%
  
