Selamat Datang Di Pasang Iklan Surabaya

Trojan Dropper

Trojan.Dropper

Trojan.Dropper is a generic term for a type of trojan. Droppers simply "drop other files" which are usually trojans.
So here we are, some time and day, and I randomly grab a recent ITW file - being scanned by Jotti's Online Malware Scan. I grabbed a "dropper" detection which was very recent. Droppers are very interesting as we will see. It is undetected by many antiviruses.

This "dropper" is no dropper at all - I find it is just a legitimate WISE extraction tool, which may not therefore be unpackable by many AV scanners. This is an installer not "dropper" - yet has the dropper effect. I'll update this article with more droppers soon.
Everything is then compressed like a ZIP file and unreadable so no point looking further for this simple article.

Good antivirus scan engine!

Immediately on detecting a known installer, a good scan engine goes into archive analysis. This can then start additional heuristic rules and start judging the file.

Of course KAV detects the embedded trojan thanks to a rather feature complete antivirus scan engine. Dr Web also detects this one by a type of signature.. and then heuristic is added!

Download Trojan Dropper !

Category:

0 komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)

You can replace this text by going to "Layout" and then "Page Elements" section. Edit " About "


Diberdayakan oleh Blogger.

Wibiya Widget

Free Website Hosting