Obfuscation Files or Information
Veramine edited this page Apr 24, 2017 · 1 revision
Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system. You can read more about this attacker technique at https://attack.mitre.org/wiki/Technique/T1027.
The majority of the Veramine detection algorithms rely on the behavior of the process or user being evaluated. At the moment, every binary is evaluated by a rudimentary binary analysis pipeline, including scanning by anti-malware products, but the primary detection value of our product is in behavioral analysis, not static analysis.