Increased Use of a Delphi Packer to Evade Malware Classification
The concept of "packing" or "crypting" a malicious program is widely popular among threat actors looking to bypass or defeat static and dynamic analysis tools. Evasion of classification and detection is an arms race in which new techniques are traded and used in the wild. For example, we observe many crypting services being offered in underground forums by actors who claim to make any malware "FUD" or "Fully Undetectable" by anti-virus technologies, sandboxes and other endpoint solutions. We also see an increased effort to model normal user activity ...