Updating master boot code
If you have been dual booting with Linux, then you probably know one of the Linux boot managers like Grub or LILO has been installed in the MBR of your hard drive.
What can you do when you no longer want Linux on that hard drive?
Petya overwrites the Master Boot Record (MBR), along with its neighboring sectors using its boot code and a small kernel code.
The MBR contains the master boot code, the partition table, and other relevant information regarding the primary disk of a given computer system.
Once a reboot is triggered during the initial attack stage, Petya displays a fake CHKDSK, which is actually part of the encryption routine.In the original version, the skull is red, while in some variants it is green.In its initial stage, Petya arrives as a regular malware and tries to overwrite the MBR and other sectors with its code.I see something nasty lurking This is where malware comes into play.Being the first code to get executed gives you an advantage in the arms race between malware and anti-malware.