Ransom32: are only 32-bit platforms vulnerable?

« Other questions
0
0

I have recently upgraded to 64-bit Windows. In the meantime, some of the mates of my mates got their PCs infected with Ransom32 that basically acts as outlined here http://nabzsoftware.com/types-of-threats/ransom32. The question is, can my 64 bit OS be affected, or does the malware target 32-bit systems only?

  • InfoSecTDK
    According to the web, most ransomware is 32-bit, however “CryptoWall 2.0 can run 64-bit code directly from the 32-bit dropper. It does this by leveraging the WoW64 (Windows 32-bit on Windows 64-bit) subsystem to switch the processor execution context.” If CryptoWall 2.0 can do this, then I expect others will be able to as well. http://www.isssource.com/ransomware-goes-64-bit/
  • You must to post comments
0
0

If you look at the 64-bit architecture, to retain compatablility with the previous 32-bit systems they’ve effectively take the 32-bit architecture and bolted more to the side. Thusly, as the chips contain equivical instructions the end result of attempting to execute 32bit code on a 64bit chip should be as per a 32bit chip.

Long story short, it makes no difference to the 32bit code – generally – if it’s a 64-bit chip(or OS) or not. Have code will execute. Look in C:\ – You should find a C:\Program Files\ and a C:\Program Files(x86)\. The “(x86)” one is where it stashes the 32-bit software you install.

  • You must to post comments
Showing 1 result
Your Answer

Please first to submit.