Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
armadillo-cld2020-07-27 20:09:18
Malware
armadillo-cld, 2020-07-27 20:09:18

How is there PE file data that doesn't change?

Hello.
I want to write something like an antivirus for one virus, but I can't figure out how to detect it? The matter is that in a virus it is possible to specify any data. The path where it will be saved, etc. I'm going to run through the processes and compare with some PE information, but raw data etc. is not suitable, because after UPX or any other protector - they change. What data can be used to accurately determine that this is the file?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
SKEPTIC, 2020-07-27
@armadillo-cld

No way. If everything were so simple, then the virus industry would not have earned so much. And the antivirus industry.
Now antiviruses apply complex measures. For example, monitoring traffic, tracking strange calls to the operating system API, analyzing the operation of the program code, etc.

Similar questions
K
Khangeldy Ilebaev2015-04-20 09:15:33
How to open all links in multiple sites? 2Reply
S
Skyfin2020-08-06 21:32:31
Are there viruses on sites with PSD layouts? 1Reply
A
Airat Kadyrmaev2014-01-30 13:26:17
For what reason can a virus enter the site (when you enter from a mobile phone)? 3Reply
Y
yupic2014-02-01 12:24:38
Why do new followers appear on twitter without my knowledge? 6Reply
D
Darya Shvakh2020-08-13 10:03:37
How to defeat the world - EVIL, and remove - Advans Sistem Car? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question