Rustock.C. The name tells you nothing can be and yet it would be better! lol. At the security conference Hack.lu , Boldewin Frank gave a presentation on this rootkit son who gives a lot of headaches for analysts. For the protection of this malware in our program:
- Anti-debugging
- of ofuscation code
- engines polymorphic and metamorphic (Morpheus, is that you?: Op)
- and garbage collection .
Sources: SecuObs.com
Presentation Frank Boldewin: reconstructer.org (PDF)
0 comments:
Post a Comment