Panda Security Mediacenter

New Malware: Bck/tnegA.A

For some time now we have been getting used to malware that checks whether it is being monitored with different tools. As the race between malware creators and antimalware companies continues, new tools and techniques are being developed by each side to try to gain a small advantage over the other.

Stealth techniques have been used since the old days. As Nature teaches us, hiding is a good technique. This type of malware used to hide from antivirus programs by using different tricks, for example, patching the interrupt vector table.

But evolution never stops, and nowadays we have malware that is capable of detecting virtual environments. There is a whole lot of adware, disguised as media codecs, that uses this technique.

Bck/tnegA.A tries to check for different monitoring applications, such as Ethereal, ProcessExplorer, RegistryMonitor, HijackThis and Regedit, preventing them from being executed.
