Parent class: Malware
Malicious tools are malicious programs designed to automatically create viruses, worms, or Trojans, conduct DoS attacks on remote servers, hack other computers, etc. Unlike viruses, worms, and Trojans, malware in this subclass does not present a direct threat to the computer it runs on, and the program’s malicious payload is only delivered on the direct order of the user.
Class: Packed
Malicious programs are frequently compressed – or packed – using a variety of methods combined with file encryption in order to prevent reverse engineering of the program and to hinder analysis of program behaviour with proactive and heuristic methods. Antivirus programs detect the results of the actions of suspicious packers, i.e. packed items. There are ways to prevent packed files from being unpacked: for example, the packer may not decipher the code fully, only to the extent that it is executed; or it may fully decrypt and launch a malicious program only on a certain day of the week. The main features that differentiate behaviours in the Suspicious Packers subclass are the type and number of packers used in the file compression process.
Platform: Win32
Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. It is one of the most widespread programming platforms in the world.
Description
This family includes programs that are protected from reverse engineering by means of suspicious packing.
Top 10 countries with most attacked users (% of total attacks)
1. China: 12.29%
2. Russian Federation: 10.68%
3. Algeria: 6.53%
4. India: 4.38%
5. Brazil: 3.85%
6. Vietnam: 3.69%
7. Indonesia: 3.46%
8. Turkey: 3.41%
9. Germany: 3.11%
10. Italy: 2.62%