“W64.Rugrat.3344 is a direct-action infector (it exits memory after execution) of IA64 Windows Portable Executable (PE) files – this includes most Windows applications – excluding .dlls. It infects files that are in the same folder as the virus and in all subfolders. It is the first known virus for 64-bit Windows, and it uses the Thread Local Storage structures to execute the viral code. This is an unusual method of executing code. It does not infect 32-bit Portable Executable files, and it will not run on 32-bit Windows platforms. The virus is written in IA64 assembly code,” Symantic reports.
Full article here.