Saturday, March 10, 2007

Shots from the Malicious Wild West - Sample Two

Packers can reboot the lifecycle of a binary and make it truly unrecognizable. The Pohernah Crypter is one of the many recently released packers you might be interested in taking a peek at. By the time a packer's pattern becomes recognizable, a new one is introduced, and in special cases there are even packers that take advantage of flaws in the AV software itself.

Contrary to the common wisdom that malware authors are self-sufficient and come up with packers by themselves, we've already seen cases where investing in commercial anti-debugging software is considered. You may find these test results of various antivirus software against packed malware informative; as a matter of fact, they truly back up my experience with the winning engines and their performance with respect to packed malware.

File size: 6901 bytes
MD5: 6ce1283af00f650e125321c80bf42097
SHA1: 08ac9a9e2181d8a94e6d96311c21c8db1766e2f1
