This article is within the scope of WikiProject Crime and Criminal Biography, a collaborative effort to improve the coverage of Crime and Criminal Biography articles on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Crime and Criminal BiographyWikipedia:WikiProject Crime and Criminal BiographyTemplate:WikiProject Crime and Criminal BiographyCrime-related
This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing
This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.InternetWikipedia:WikiProject InternetTemplate:WikiProject InternetInternet
This article is within the scope of WikiProject Microsoft Windows, a collaborative effort to improve the coverage of Microsoft Windows on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Microsoft WindowsWikipedia:WikiProject Microsoft WindowsTemplate:WikiProject Microsoft WindowsMicrosoft Windows
This article is within the scope of WikiProject United States, a collaborative effort to improve the coverage of topics relating to the United States of America on Wikipedia. If you would like to participate, please visit the project page, where you can join the ongoing discussions.
This malware uses a fault (of which their are many) when emulating MS DOS. In Virtual mode (as apposed to real), the monitor cannot spot self-modifying code allowing a TSR to hook into the real (ring-0) kernal vectors. The action of reading a 16-bit number from address $ffff works on an 8086, 80186 and 80386 BUT crashes in 80286. To emulate MS DOS programs, the monitor has to emulate how different cores reacted. The length of ignore.dll in Wannacry and analysis of this file shows that the file itself and the 16K NTWINKR.exe file it downloads are identical. — Preceding unsigned comment added by 81.99.74.135 (talk) 21:11, 13 June 2017 (UTC)[reply]