Packer.Malware.Crypter.H
SYMPTOMS: Not applicable

TECHNICAL DESCRIPTION: Files detected as Packer.Malware.Crypter.H are malware files which employ a specific packer/protector to bypass AV detection and hide malware activity.

Detecting if a file is packed is rather difficult and can only be done by careful analysis, but here are some clues for detection:
- 3 or more sections with random string names
- the section which contains the decryptor is the only one with the write attribute
- imports are in the last section

The packer isn't very complicated or obfuscated, but it employs long loops in which data is decrypted to deter emulation.

In the wild, this packer/cryptor was first associated with Antivirus 2008 (a rogue antivirus).

Removal instructions: Please let BitDefender disinfect your files.

ANALYZED BY: Daniel RADU, virus researcher
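The three clues from the technical description, checked against a file's PE headers. This is an added example, not BitDefender's detection logic. It assumes the decryptor sits in the section that holds the entry point and that any section name outside the `KNOWN` set counts as random; `sample_pe` builds constructed header-only images for the demo.

```python
import struct

# Names treated as "ordinary" (an assumption; anything else counts as random-looking).
KNOWN = {".text", ".data", ".rdata", ".idata", ".edata", ".rsrc", ".reloc",
         ".bss", ".tls", ".pdata", "CODE", "DATA"}
MEM_WRITE = 0x80000000  # IMAGE_SCN_MEM_WRITE

def parse_pe(buf):
    """Return (entry_rva, import_rva, [(name, rva, vsize, flags), ...])."""
    if len(buf) < 0x40 or buf[:2] != b"MZ":
        raise ValueError("not a PE file")
    pe = struct.unpack_from("<I", buf, 0x3C)[0]           # e_lfanew
    if buf[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    nsec, opt_size = struct.unpack_from("<H12xH", buf, pe + 6)
    opt = pe + 24                                         # optional header
    magic, entry = struct.unpack_from("<H14xI", buf, opt)
    # Data directories start at 96 (PE32) or 112 (PE32+); imports are entry 1.
    dirs = 96 if magic == 0x10B else 112
    imp = struct.unpack_from("<I", buf, opt + dirs + 8)[0] if opt_size >= dirs + 16 else 0
    secs = []
    for off in range(opt + opt_size, opt + opt_size + 40 * nsec, 40):
        name, vsize, rva = struct.unpack_from("<8sII", buf, off)
        flags = struct.unpack_from("<I", buf, off + 36)[0]
        secs.append((name.rstrip(b"\0").decode("latin-1"), rva, vsize, flags))
    return entry, imp, secs

def crypter_clues(buf):
    """Evaluate the three header clues; each is a hint, not a verdict."""
    entry, imp, secs = parse_pe(buf)
    def inside(rva, s):
        return s[1] <= rva < s[1] + max(s[2], 1)
    writable = [s for s in secs if s[3] & MEM_WRITE]
    return {
        "odd_names": sum(s[0] not in KNOWN for s in secs) >= 3,
        "entry_only_writable": len(writable) == 1 and inside(entry, writable[0]),
        "imports_last": bool(secs) and imp != 0 and inside(imp, secs[-1]),
    }

def sample_pe(sections, entry, imports):
    """Constructed header-only PE32 image (name, rva, flags per section)."""
    opt = struct.pack("<H14xI", 0x10B, entry).ljust(96, b"\0")
    opt += struct.pack("<IIII", 0, 0, imports, 0x28) + bytes(14 * 8)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x102)
    table = b"".join(struct.pack("<8sII20xI", n.encode(), 0x1000, r, f) for n, r, f in sections)
    return b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40) + b"PE\0\0" + coff + opt + table

PACKED = sample_pe([("xkqzpw", 0x1000, 0x60000020), ("bhtrmv", 0x2000, 0xE0000020),
                    ("qwnjds", 0x3000, 0x40000040)], entry=0x2010, imports=0x3000)
CLEAN = sample_pe([(".text", 0x1000, 0x60000020), (".rdata", 0x2000, 0x40000040),
                   (".data", 0x3000, 0xC0000040)], entry=0x1000, imports=0x2100)
```

`crypter_clues(PACKED)` sets all three clues and `crypter_clues(CLEAN)` sets none. Legitimate packers and unusual linkers can trip individual clues, so a match is a reason for closer analysis rather than a detection on its own.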