Quote:
Originally Posted by dyn!o
You might be right, but then they could implement at least custom virtualization (maintaining actual architecture) + stronger data encryption. Anything which could slow down the analysis.
Quote:
Originally Posted by gigaman
Maybe such non-x86 blocks (or the corresponding interpreters) are more likely to trigger antivirus heuristics... so while analysis would certainly be harder, the probability of earlier detection could also be higher.
Can you elaborate on how this could be done, by linking books/tutorials/topics about making it harder to analyze? (I'm not much but new to this area..)
Hope I will get a detailed answer.
-Stitch