May 25
by Miray Lozada (Technical Communications)
Hard-to-detect PE_VIRUT variants, with their entry point obscuring (EPO) techniques, created quite a buzz last April. Before PE_VIRUT stole the scene, however, there was another file infector that may not have made as much noise but has an infection routine that can rival Virut’s in complexity. Detected in the wild last February, PE_DARKSNOW employs enough old, new, and borrowed tactics to keep threat analysts on their toes. Read more about this file infector here.


