When analyzing the code of a Trojan horse, you will often find
methods and functions that can be assigned to typical function groups
and modules. Even if the code and its inner organisation seem
chaotic and hard to understand because of their structureless appearance,
you can assign a function to at least one of these groups. I want to
give you the big picture, an overview of the inner structure of a
Trojan horse, and clear up some of the confusion.
Dropper
The Trojan horse is wrapped by its dropper, which is not a core component in the proper sense. But because it plays an important role in the propagation and installation of the Trojans, it is worth mentioning.
The dropper, wrapped around the Trojan, on the one hand determines the Trojan's visual appearance: whether it looks like a regular Windows application, a JPEG picture, a PDF file or any other file type. But its main purpose is the installation of its payload. Once the dropper is executed, it examines the new system to see if it is a good place to drop its payload.
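A defender-side check for the disguise described above, as an added example that is not from the original post: it flags files whose name suggests a picture or document while the bytes are a Windows PE executable, or whose name carries a double extension. The extension lists, finding labels and sample bytes are assumptions constructed for illustration.

```python
import struct

# Assumed lists: what a user expects to be passive content vs. a program.
CONTENT_EXTS = {".jpg", ".jpeg", ".pdf", ".png", ".doc", ".docx", ".txt"}
EXEC_EXTS = {".exe", ".scr", ".com", ".pif"}

def is_pe(data: bytes) -> bool:
    """True if data has a DOS header whose e_lfanew field points at a PE signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def extensions(name: str) -> list:
    """All dot-suffixes of a name, lowercased: 'a.pdf.exe' -> ['.pdf', '.exe']."""
    parts = name.lower().rstrip(". ").split(".")[1:]
    return ["." + p.strip() for p in parts if p.strip()]

def triage(name: str, data: bytes) -> list:
    """Return the reasons why a file's apparent type disagrees with its content."""
    findings = []
    exts = extensions(name)
    last = exts[-1] if exts else ""
    if is_pe(data) and last in CONTENT_EXTS:
        findings.append("pe-with-content-extension")
    if last in EXEC_EXTS and any(e in CONTENT_EXTS for e in exts[:-1]):
        findings.append("double-extension")
    if last == ".pdf" and not data.startswith(b"%PDF-"):
        findings.append("pdf-magic-missing")
    if last in {".jpg", ".jpeg"} and not data.startswith(b"\xff\xd8\xff"):
        findings.append("jpeg-magic-missing")
    return findings

def fake_pe() -> bytes:
    """Constructed header only (MZ, e_lfanew=0x40, PE signature); not a runnable program."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    return bytes(dos) + b"PE\x00\x00"

if __name__ == "__main__":
    samples = {  # constructed sample inputs
        "holiday.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,
        "invoice.pdf.exe": fake_pe(),
        "report.pdf": fake_pe(),
    }
    for name, data in samples.items():
        print(name, triage(name, data))
```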



