Malware may implement features to make analysis more difficult. These are known as anti-analysis techniques.
Links to this note
- anti-debugger
- Main Index
- defendingagainstmaliciousshims-pierce2015
- knockknock-osxreverser2021
- process masquerading
- rootkits hiding CPU usage
- most observed sshd backdoors shared the same rough feature set
- cesare1999
- Payload Encryption
- Azazel rootkit
- Compiler Options - Anti-Reversing
- crypter
- dynamic obfuscation
- function name randomization
- hidden files and directories
- homoglyph obfuscation
- honeypot detection
- IP Address Obfuscation
- IPfuscation
- Main Index - A
- malware blending in with the system
- Manual Analysis
- matryoshka obfuscation
- MemFiles
- Skidmap malware
- stack strings
- string encryption
- string hashing
- string obfuscation
- timestomping
- unset HISTFILE
- userland exec
- Virtual Machine Detection