Slide 23
Malware Introduction to Malware – Focus on Remote Administration Tool Family
Malware Techniques Evasion Techniques
# Malware uses evasion techniques to avoid detection and analysis
https://www.slideshare.net/ThomasRoccia/malware-evasion-techniques
Packer/Binder/Crypter: Compress/Encrypt, IAT Protect, Code Virtualizing
Process Injection: Process Hollowing, DLL Injection, Process Doppelgänging
Sandbox Evasion: VM Artifacts, x86 Instructions, Sleep, Running Process
Anti-Virus Evasion: Disabling AV, File Size, Injection
Obfuscation: Base64, XOR, Encryption, Hash, Custom
Anti-Debugging: Windows API, Timing Check, Debugger Detection
Anti-Forensic: Melting, File-less, Wiper, Removal