Microsoft Discovers Trojan That Erases Evidence Of Its Existence

A posting from Dark Reading: Researchers at Microsoft have spotted a Trojan downloader that does something very savvy yet rare: it deletes its own components so researchers and forensics investigators can’t analyze or identify it.

The so-called Win32/Nemim.gen!A Trojan is also unusual in that, unlike most Trojan downloaders, which are put in place to deliver the real payload, this Trojan is also the payload, according to Jonathan San Jose, a member of Microsoft’s Malware Protection Center.

But the researchers lucked out and found some pieces of the malware. “Most URLs that this trojan attempts to connect to for downloading are currently unavailable, but we got lucky and were able to find some of its components to investigate further,” San Jose says in a blog post.
