Welcome to the Computer Security Wiki! You can help us by expanding stubs, create new articles and improve current articles.
You can also help us by logging-in or creating an account!

Assembly

From Malware Wiki
Jump to: navigation, search

Stubsymbol.png This article is a stub. You can help by editing it.

Nomalware.png This page is not malware, despite having an article on the Wiki.

Assembly contains content from the Virus Wiki, which can be found at this link! Please remove this notice if First Party information is outnumbered by the Third Party information or the Third Party info is deleted. Additional notes may be left here: "Copied due to inactivity."


Assembly (also known as Machine Language, Assembler or Asm) is a complex, low-level programming language that can be used to make both programs and operating systems. Some malicious programs like Slammer, Boza and Magistr are written in Assembly.

Assembly is assembled, rather than compiled. Most compilers turn the code into assembly, and then assemble that. The reason is that each command in assembly directly corresponds to an opcode, or a specific number that means something to the processor. There are many assemblers for Assembly, including NASM, FASM, and GAS. NASM uses the standard Intel syntax, while GAS uses the AT&T syntax. Both are Intel Assembly, but each have a different syntax for writing.

Assembly is machine specific, ie. one assembly program written for an Intel 80386 will not make sense to a Zilog Z80 processor. Most PCs use an Intel processor, so most viruses use Intel assembly. Some examples of instructions in assembly are MOV (moves data around), XOR (xors two values), and JMP (jumps to a memory address). The advantage of assembly for viruses is that it is extremely low level and can be disguised in a string and executed with a buffer overflow.