SYSTEM&WEB HACKING: Hiding Trojans: Hex Editing

Thursday, September 1, 2011

Hiding Trojans: Hex Editing

One common problem hackers face is the detection of their viruses or trojans by antivirus software.

The solution to this problem is hex editing. In hex editing we take the executable file and divide it into several pieces with a tool called a "file splitter".
The number of pieces depends on the size of the executable. Each of these pieces is then scanned by an antivirus. Not all of the parts will be detected, since the signature of the virus, or the code that harms the system, lies in any one of the parts.


The part that is detected is taken and divided into pieces again with the file splitter.
This process is continued until you find the smallest piece of the executable that is still detected.

Open that part of the executable in a hex editor and edit certain parts (e.g. change a to A and such).
After making these changes compile this code again and the antivirus won't detect it.

Now all you gotta do is bring the whole executable back together.

This technique applies to all viruses and to keyloggers too.
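Seen from the detection side, the edit described above only defeats a rule that depends on one exact byte string. The following is an added example, not code from the original post: it compares an exact-match signature with a case-insensitive match (the same idea as the `nocase` string modifier in YARA) and with a rule that requires several independent indicators. All byte strings, indicator names and function names are constructed for illustration.

```python
import re

# Constructed stand-in for a flagged file: harmless marker strings in filler bytes.
ORIGINAL = (b"\x00\x01MZfiller" + b"DemoLogKeys" + b"\x90" * 8
            + b"demo-c2.example" + b"\x00" * 4 + b"InstallDemoHook")
# The edit the post describes: one letter's case changed in the flagged region.
EDITED = ORIGINAL.replace(b"DemoLogKeys", b"DemoLogkeys")
# A heavier edit: the flagged string overwritten entirely.
OVERWRITTEN = ORIGINAL.replace(b"DemoLogKeys", b"X" * 11)

EXACT_SIGNATURE = b"DemoLogKeys"
# Independent indicators, stored lower-case so matching is case-insensitive.
INDICATORS = [b"demologkeys", b"demo-c2.example", b"installdemohook"]


def exact_match(data: bytes) -> bool:
    """Brittle rule: a single fixed byte string."""
    return EXACT_SIGNATURE in data


def nocase_match(data: bytes) -> bool:
    """Same string, matched without regard to ASCII letter case."""
    return re.search(re.escape(EXACT_SIGNATURE), data, re.IGNORECASE) is not None


def indicator_hits(data: bytes) -> int:
    """Count how many independent indicators appear (case-folded)."""
    folded = data.lower()
    return sum(1 for indicator in INDICATORS if indicator in folded)


def k_of_n_match(data: bytes, k: int = 2) -> bool:
    """Flag when at least k indicators are present, so losing one is not enough."""
    return indicator_hits(data) >= k


if __name__ == "__main__":
    for name, sample in [("original", ORIGINAL), ("edited", EDITED),
                         ("overwritten", OVERWRITTEN)]:
        print(f"{name:12} exact={exact_match(sample)} "
              f"nocase={nocase_match(sample)} k_of_n={k_of_n_match(sample)}")
```

A rule that keys on several unrelated properties of a sample keeps matching after any single string is changed, which is why signature authors avoid relying on one literal.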
