
Trojan:W32/DelfInject.gen!H


First posted on 29 September 2009.
Source: SecurityHome

Aliases :

There are no other names known for Trojan:W32/DelfInject.gen!H.

Explanation :

A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.

Additional Details

Trojan:W32/DelfInject.gen!H is a Generic Detection for malicious files that arrive wrapped in a special encapsulation code or program.

The malicious file is embedded in this program, which uses several protection mechanisms such as anti-debugging, encryption, virtual machine detection and other related anti-antivirus techniques. The program may also inject the stored malicious file into a legitimate process, thus hiding its own process.

The majority of malware that use this technique are Trojan-Downloaders; however, we have also seen it used by backdoors as another level of protection.

About Generic Detections

Unlike more traditional detections (also known as signatures or single-file detections), a Generic Detection does not identify a unique or individual malicious program. Instead, a Generic Detection looks for broadly applicable code or behavior characteristics that indicate a file is potentially malicious, so that a single Generic Detection can efficiently identify dozens, or even hundreds, of malware samples.
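The difference between the two kinds of detection, as an added example that is not the vendor's detection logic: a hash-based single-file signature matches only the file it was written for, while a trait-based check flags both constructed variants of a wrapper. The trait list, thresholds, helper names and sample byte strings are all assumptions made for this illustration.

```python
import hashlib
import math
from collections import Counter

# Real Windows API names tied to behaviours the entry lists (anti-debug checks,
# injection into another process). The choice of names and all thresholds are
# assumptions made for this illustration.
TRAITS = {
    "anti_debug": [b"IsDebuggerPresent", b"CheckRemoteDebuggerPresent"],
    "injection": [b"WriteProcessMemory", b"CreateRemoteThread"],
}

def entropy(chunk):
    """Shannon entropy in bits per byte (8.0 is the maximum)."""
    n = len(chunk)
    return -sum(c / n * math.log2(c / n) for c in Counter(chunk).values())

def has_encrypted_blob(data, window=1024, threshold=7.0):
    """True if any full window looks like encrypted or compressed data."""
    return any(entropy(data[i:i + window]) >= threshold
               for i in range(0, len(data) - window + 1, window // 2))

def generic_detect(data):
    """Flag a file showing at least two trait families, whatever its hash."""
    hits = {name for name, needles in TRAITS.items()
            if any(n in data for n in needles)}
    if has_encrypted_blob(data):
        hits.add("encrypted_blob")
    return len(hits) >= 2, sorted(hits)

def single_file_detect(data, known_hashes):
    """Traditional signature: exact match on one known file."""
    return hashlib.sha256(data).hexdigest() in known_hashes

def fake_blob(seed, size=2048):
    """Constructed stand-in for an encrypted embedded payload."""
    return b"".join(hashlib.sha256(seed + bytes([i])).digest()
                    for i in range(size // 32))

# Constructed byte strings, not real samples or real PE files.
VARIANT_A = (b"MZ" + b"stub " * 50 + b"IsDebuggerPresent\0WriteProcessMemory\0"
             + fake_blob(b"a"))
VARIANT_B = (b"MZ" + b"other stub " * 40
             + b"CheckRemoteDebuggerPresent\0CreateRemoteThread\0" + fake_blob(b"b"))
BENIGN = b"MZ" + b"IsDebuggerPresent\0" + b"plain text resource " * 200
KNOWN = {hashlib.sha256(VARIANT_A).hexdigest()}

if __name__ == "__main__":
    for name, sample in [("A", VARIANT_A), ("B", VARIANT_B), ("benign", BENIGN)]:
        print(name, single_file_detect(sample, KNOWN), generic_detect(sample))
```

Requiring two trait families keeps the benign sample, which contains a single anti-debug API name, from being flagged.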

Last update 29 September 2009
