News

Certificate Bypass: Hiding and Executing Malware from a Digitally Signed Executable

Malware developers are constantly looking for new ways to evade the detection and prevention capabilities of security solutions. In recent years, we have seen many different tools, such as new encryption techniques and others, that help malware reach this goal of hiding the malicious code. To further complicate the matter, new technique for hiding malware (encrypted and un-encrypted) is presented in BlackHat conference, that hide malware inside a digitally signed file (while still keeping the file with a valid certificate) and executing it from the memory, using a benign executable (which acts as a reflective EXE loader, written from scratch). The research demonstrates our Certificate Bypass tool and the Reflective EXE Loader.



For White Paper for this research: Click Here!
Certificate Bypass: Hiding and Executing Malware from a Digitally Signed Executable Reviewed by Ali Dharani on 10:29 PM Rating: 5

No comments:

Feel free to ask questions, we love to respond.

All Rights Reserved by The World of IT & Cyber Security: ehacking.net © 2014 - 2015
Powered By Blogger, Designed by Sweetheme

Contact Form

Name

Email *

Message *

Powered by Blogger.