Jump to content


Photo

DensityScout sniffs out malware in compressed files


  • Please log in to reply
No replies to this topic

#1 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 31,817 posts

Posted 30 April 2012 - 05:33 PM

QUOTE
DensityScout sniffs out malware in compressed files
By Mike Williams
2012-30-04

You think your PC is infected by something dangerous, but your regular antivirus package hasn?t raised any alerts. So what now?

This is a question we cover fairly often here. Only last week we reported on the latest version of Mandiant Redline, which will scan your system?s executables and highlight those most likely to be malware. Now, CERT (Computer Emergency Response Team) Austria has come up with another small contribution in DensityScout; it?s not for PC novices, but if you?re an expert computer user then you could find the program very helpful indeed.

What DensityScout essentially tries to do is identify files in a given folder path that have been packed. This is a technique commonly used by malware to obfuscate or encrypt its contents, making it more difficult for regular scanners to identify the threat (although it?s also used by many legitimate programs, so you need to be cautious how you interpret its results).

More information about at:

http://betanews.com/...mpressed-files/
http://betanews.com/...ther-apps-wont/
http://www.cert.at/d...tyscout_en.html