Pestilence is a self-replicating oligomorphic virus. It recusively replicates in /tmp/test(2) directories adding a custom "signature" string into each infected file. To check the signature, simply copy/paste the following command : strings /tmp/test* | grep <signatureName>

• Infect all of the binaries located in /tmp/test and /tmp/test2 directories
• Infect all of the binaries of type executable ELF x86_64
• Insert a signature like 'Pestilence version 1.0 (c)oded by first-login - second-login'
• Create an obfuscation method to hide the infection routine
• Create a deobfuscation method that will run the infection
• DO NOT re-infect the an already infected file
• DO NOT run infection if a specific process is running on host
• DO NOT run infection if the program is launched into gdb, etc
• Change signature (not randomly) when infecting new binaries

• Infect all files from the root directory
• Pack the binary with a compression algorithm
• Add a secret backdoor (open port, ...)
• Exchange parts of the file randomly, without changing virus behavior
• Change junks instructions randomly, without changing virus behavior