In 2011, virus writers created some 33 malware samples per month.
According to Symantec, 400 examples of malware that can bypass automated malware analysis were found in 2011.
“If malware can hide itself from the automated analysis of threats, it can mingle with millions of other files, and anti-virus software will not calculate it,” said representatives of Symantec.
Malware authors equip their creations with mechanisms for detecting a sandbox. In particular, such mechanisms include “registry scan”, “check the video drivers”, “use of special programs in assembly language” as well as the mechanism of “check-defined process.”
When the program detects a sandbox, it stops working. Subsequently the sandbox finds this site malicious.
Malware authors are trying to use new developments to bypass automated malware analysis. It should be noted that such systems spend very little time checking files and may miss malicious code. That is why IT specialists examine software programs using behavioral and statistical analysis.