Difference between revisions of "Exotic Tricks"
Revision as of 16:26, 30 December 2016
Malware authors can sometimes be inventive when hiding a malicious file. This section contains all the unclassified techniques.
Below is a list of all the exotic tricks in Unprotect Project:
|Infection by localisation||Some malware infects machines depending on their location. Some governments protect malicious activities unless the targets are in their own country.|
|Malicious Shortcut||A Windows shortcut can store code that downloads an additional file, or the malicious file can be stored directly in the shortcut. This makes the malicious application fully undetectable by any antivirus.|
|Fake signature||Every exe file contains metadata that allows users to trust the third party that distributes the program. Malware can usurp this metadata to fool both the user and security tools.|
|Deadline infection||Attacks can be performed during a limited time. To avoid detection, some malware contains a deadline date. Once the date is reached, the malware no longer runs. Malware analysts have to change the machine's time to run the file. This technique can also defeat a sandbox if the date has already passed.|