Runtime Packers: The Hidden Problem? presented at Blackhat USA 2005

by Maik Morgenstern, Tom Brosch,

Tags: Security Malware

Summary : Runtime packers are a widely-used
technique in malware today. Virtually every Win32 malware added to the
WildList as well as ad- and spyware is packed with one or another
runtime packer. Not only can they turn older malware into new threats
again, but they might also prevent AV vendors from using more generic
approaches and therefore requiring more work, which possibly generates
more errors or broken updates, unless the product is able to handle all
the different runtime packers out there.