Packer.Malware.Crypter.H

HIGH
MEDIUM
variable (depends on original malware)

Symptoms

Not applicable

Removal instructions:

Please let BitDefender disinfect your files.

Analyzed By

Daniel RADU, virus researcher

Technical Description:

 Files detected as Packer.Malware.Crypter.H are malware files which employ
a specific packer/protector to bypass AV detection and hide malware activity.
 Detecting whether a file is packed is rather difficult and can only be done by
careful analysis, but here are some clues for detection:
         - 3 or more sections with random string names
         - the section which contains the decryptor is the only one with the write attribute
         - imports are in the last section
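
The three clues above can be checked from the PE headers alone. The following Python is an added example, not Bitdefender's detection logic; the set of common section names, the reading of the decryptor's section as the one holding the entry point, and the sample headers are assumptions made for illustration.

```python
import struct

# Assumption: a name outside this common compiler/linker set counts as "random".
COMMON = {".text", ".data", ".rdata", ".rsrc", ".reloc", ".idata", ".edata", ".bss", ".tls"}
MEM_WRITE = 0x80000000  # IMAGE_SCN_MEM_WRITE

def parse_pe(data):
    """Return (entry_rva, import_rva, [(name, vaddr, vsize, flags), ...])."""
    pe = struct.unpack_from("<I", data, 0x3C)[0]  # e_lfanew
    if data[:2] != b"MZ" or data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    nsect, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    opt = pe + 24  # optional header follows the 20-byte COFF header
    magic, entry = struct.unpack_from("<H14xI", data, opt)
    dirs = opt + (112 if magic == 0x20B else 96)  # PE32+ vs PE32 data directories
    import_rva = struct.unpack_from("<I", data, dirs + 8)[0]  # directory index 1
    sections = []
    for i in range(nsect):
        name, vsize, vaddr, flags = struct.unpack_from(
            "<8sII20xI", data, opt + opt_size + 40 * i)
        sections.append((name.rstrip(b"\0").decode("latin-1"), vaddr, vsize, flags))
    return entry, import_rva, sections

def crypter_h_clues(data):
    """Evaluate the three clues; all True means the file deserves a closer look."""
    entry, import_rva, sections = parse_pe(data)
    inside = lambda rva, s: s[1] <= rva < s[1] + s[2]
    writable = [s for s in sections if s[3] & MEM_WRITE]
    return {
        "random_names": sum(s[0] not in COMMON for s in sections) >= 3,
        # Assumption: the decryptor runs first, so its section holds the entry point.
        "only_decryptor_writable": len(writable) == 1 and inside(entry, writable[0]),
        "imports_in_last": bool(sections) and inside(import_rva, sections[-1]),
    }

def build_sample(sections, entry, import_rva):
    """Constructed PE32 headers only (no code or data), to exercise the checks."""
    opt = struct.pack("<H14xI", 0x10B, entry).ljust(104, b"\0")
    opt += struct.pack("<II", import_rva, 0x28) + bytes(8 * 14)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x102)
    table = b"".join(struct.pack("<8sII20xI", n.encode(), 0x1000, va, fl)
                     for n, va, fl in sections)
    return b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40) + b"PE\0\0" + coff + opt + table

# Constructed samples: one laid out like the description above, one conventional.
PACKED = build_sample([("xkqzt", 0x1000, 0x60000020), ("bwpfh", 0x2000, 0xE0000020),
                       ("mjrvd", 0x3000, 0x40000040)], entry=0x2010, import_rva=0x3000)
PLAIN = build_sample([(".text", 0x1000, 0x60000020), (".rdata", 0x2000, 0x40000040),
                      (".data", 0x3000, 0xC0000040)], entry=0x1000, import_rva=0x2100)
```

These checks are clues only: a legitimate file can match one of them, so treat a full match as a reason for closer analysis, not as a verdict.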
 
 The packer isn't very complicated or obfuscated, but it decrypts its data in
long loops to deter emulation.

  In the wild, this packer/cryptor was first associated with Antivirus
2008 (a rogue antivirus).