Duqu Trojan contains mystery programming language in Payload DLL

By Shawn Knight
Mar 9, 2012
  1. Experts at Russian computer security company Kaspersky have come to the conclusion that parts of the Duqu Trojan are written in an unknown programming language. Much of the code is…

  2. Lurker101

    Lurker101 TechSpot Addict Posts: 628   +122

    Maybe it's just Google's fun way of releasing DART to the public
  3. R3DP3NGUIN

    R3DP3NGUIN TechSpot Enthusiast Posts: 154

    An unknown programming language? Would it be that far-fetched to think maybe the defense/government is involved? I mean, if you think how they manipulate wars, they can do the same for the cyber world. Creating a virus that could take down major nations (which ironically targets the likes of Iran or Iraq, etc.) could give the government an excuse for tightening Internet regulations (which they are already trying to do).

    That's just my 2 cents.
  4. Oh wow, I never thought I would see the day programming experts would not know what language something is written in. It could be a new code the coders developed to keep certain contents hidden? Only a suggestion, but heck, it could be possible.
  5. lipe123

    lipe123 TechSpot Guru Posts: 421   +75

    Wait the picture in the article is supposed to be this unknown mystery code?

    That's just assembly language, we used that kind of thing in computer class in 1995 already to get things like mouse pointer locations etc.
    It's seriously old school and will only run on OSes that allow hardware access.
  6. Yeah, woulda been nice if they'd identified that as a stock photo (unless there's actually a little assembler in Duqu). In any case, the unknown language and high-level effort point directly to China.
  7. It looks like this

    http://en.wikipedia.org/wiki/High_Level_Assembly

    and it probably is in some way..
  8. It does look like assembly. I took a class on it a couple of years ago. Perhaps what they mean is what language was it written in before being converted to machine instructions? They are reverse engineering it after all, I doubt they have the source lol
  9. Not sure about the code? There's a logical explanation for all this.

    ANCIENT ALIENS.
  10. just a little hand coded assembly
  11. similar to Assembly
     
  12. It's a decompiled version of the virus, turned into assembly code, you scientists; assembly isn't the language used to program. Most of the code is written in the C++ language, but there is a part of the code which is written with an unknown/home-made programming language (mix of Lisp and C++) and linked to the rest of the code. That's what they are trying to figure out already to know how the virus behaves there -_-
  13. yorro

    yorro TechSpot Enthusiast Posts: 244

    I thought Dart was similar to Javascript?
  14. Uninformed commenters, cowboy up!
  15. assembly language with a java twist. keep the virtual machine server side.
  16. If that picture is the code, that's just some Assembly, looks like x86 to me.
  17. VitalyT

    VitalyT TechSpot Evangelist Posts: 1,651   +506

    I've been programming in assembler for many years, and that piece of code does not appear to me to be anything out of the ordinary. Such should compile in MASM without any problem.

    And making statements that it wasn't written in C++ or other languages on the list is not well thought out. The truth is, many C++ implementations support inline assembler extensions and overrides. And Microsoft C++ is especially so, one can override and implement in assembler anything within C++ framework. Even .NET allows that in part!

    So what's all the noise about and government conspiracy nonsense again?
  18. Zeromus

    Zeromus TechSpot Enthusiast Posts: 231   +7

  19. Mystery programming language? That looks like assembly language. Is everyone so young that they have not heard of or used assembly language? Or am I that old that I am one of the few people left that have programmed in assembly language? ;)
  20. Caveat: I am an old (retired) geek who used to play with machine code and assembly language. Not for anything practical or useful, just to see if it could be done ("untainted by practical application").

    This is funny. I know I have written some strange programs in my time and I seem to remember my first evaluation where my boss noted that my code, “appears to have been written in an unknown programming language.” The reference in the comments about a secret government program makes old geeks empathize even more with Myron Aub in Asimov’s “The Feeling of Power”. (Google it)
    /tdw/
  21. Yes, congratulations, you are indeed looking at assembler language - which is how any sane person would be looking at reverse engineered code - that does not identify the language it was written in. I hope you're all 15 years old, because the lack of thought in these comments is disturbing.
  22. marinkvasina

    marinkvasina TechSpot Enthusiast Posts: 259   +9

    Um, why do you people think that you know better than the Kaspersky team? If it's some random coding language they would have figured it out by now.
  23. 3DCGMODELER

    3DCGMODELER TechSpot Enthusiast Posts: 307   +18

    It's a new code, a new language..
    That's all..

    :)
  24. If they wanted to get your opinion about this strange, new, wonderful, exotic language, then they should have shown us the code instead of showing us assembly. Besides, I know coders who compile to c++ to assembly, then tweak the assembly.
  25. To everyone who says "Looks like assembly to me, I know cause I'm l33tz0rs." Please just stop.

    1) Compiled languages (such as C and C++) are converted into machine code when compiled. Once this step is complete, a true and accurate picture of the original code is no longer retrievable due to compiler optimizations.

    2) Reverse engineering an executable is usually done by converting the machine code into assembly since assembly is usually one-to-one (one machine instruction = one line of code, although this is not always true).

    3) When compiling code, a compiler goes through a well-defined list of steps. This produces machine instructions that have a noticeable pattern. By looking at the pattern of the assembly instructions, one can generally get an idea of what language the original code was written in due to the patterns produced by following a list of steps.

    So yeah... please stop.
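
Point 3 of the last comment, as an added example that is not part of the original thread or of Kaspersky's analysis: a small heuristic that counts compiler idioms in a disassembly listing and guesses the kind of source language. The listings are constructed, the function names are hypothetical, and the heuristics assume 32-bit x86 in Intel syntax with the object pointer passed in ECX (MSVC-style thiscall) and caller stack cleanup for cdecl.

```python
import re

# Constructed 32-bit x86 listings (Intel syntax); not from any real sample.
CPP_LIKE = """\
push ebp
mov ebp, esp
mov ecx, [ebp+8]
mov eax, [ecx]
call dword ptr [eax+4]
pop ebp
ret
"""
C_LIKE = """\
push ebp
mov ebp, esp
push 2
push 1
call add_numbers
add esp, 8
pop ebp
ret
"""

REG = r"(e(?:ax|bx|cx|dx|si|di))"
LOAD_PTR = re.compile(rf"mov {REG}, \[{REG}\]$")
INDIRECT_CALL = re.compile(rf"call (?:dword ptr )?\[{REG}(?:\+\w+)?\]$")

def count_idioms(listing):
    """Count compiler idioms in adjacent instruction pairs (assumed heuristics)."""
    ins = [l.strip().lower() for l in listing.splitlines() if l.strip()]
    counts = {"frame_prologue": 0, "cdecl_cleanup": 0, "vtable_call": 0}
    for cur, nxt in zip(ins, ins[1:]):
        if cur == "push ebp" and nxt == "mov ebp, esp":
            counts["frame_prologue"] += 1
        # cdecl: the caller pops its own arguments right after the call
        if cur.startswith("call ") and nxt.startswith("add esp,"):
            counts["cdecl_cleanup"] += 1
        # thiscall + virtual dispatch: table pointer read from the object in
        # ECX, then an indirect call through a slot of that table
        load, call = LOAD_PTR.match(cur), INDIRECT_CALL.match(nxt)
        if load and call and load.group(2) == "ecx" and call.group(1) == load.group(1):
            counts["vtable_call"] += 1
    return counts

def guess_origin(listing):
    c = count_idioms(listing)
    if c["vtable_call"]:
        return "C++-like"
    return "C-like" if c["cdecl_cleanup"] else "unclassified"

if __name__ == "__main__":
    for name, text in (("CPP_LIKE", CPP_LIKE), ("C_LIKE", C_LIKE)):
        print(name, count_idioms(text), guess_origin(text))
```

Code that matches none of the known idioms comes back as "unclassified", which is the situation the article describes: the instructions are ordinary x86, but the patterns do not fit a familiar compiler.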

