HeavyMetal is paraguayan old-style resident COM/EXE infector, with playload routinne grabbed from DAV's virii. It hides its own length in infected files (semistealth), uses some anti-debug tricks as well as int21 entry point tracing, and direct SFT manipulation to avoid suspective actions for heuristics (such a opening for write, seeking, etc).

Download source code of Heavy Metal here Download source code