HackDig : Dig high-quality web security articles for hacker

[SANS ISC] Very Large Sample as Evasion Technique?

2020-03-26 08:57

I published the following diary on isc.sans.edu: “Very Large Sample as Evasion Technique?”:

Security controls have a major requirement: they can’t (or at least they try not to) interfere with normal operations of the protected system. It is known that antivirus products do not scan very large files (or scan just the first x bytes) for performance reasons. Can we consider a very big file as a technique to bypass security controls? Yesterday, while hunting, I spotted a very interesting malware sample. The malicious PE file was delivered via multiple stages but the final dropped file was large… very large… [Read more]

[The post [SANS ISC] Very Large Sample as Evasion Technique? was first published on /dev/random]


Source: blog.rootshell.be/2020/03/26/sans-isc-very-large-sample-as-evasion-technique/

Tags: Malware SANS Internet Storm Center Security SANS ISC
