Abstract

The infamous computer worm Conficker, which targets the Microsoft Windows operating system, was all over the media. This malicious worm used a modern malware technique in which it hides the malicious portion of its program code, generating and executing program code at run time and transforming the hidden portion back into executable code at run time. This obfuscation technique poses obstacles to security researchers who want to understand the malicious features of new or unknown malware, especially those who want to create detection programs and recovery methods. Our approach is based on the observation that sequences of packed or hidden code in two different versions of the Conficker worm are self-identifying when the worm's runtime execution is checked against its static code model, and automated uncompressing code is executed to unpack the packer. Following the extraction of the malicious worm, we focus our analysis on the features of the Conficker worm.
