Obfuscation procedure based on the insertion of the dead code in the crypter by binary search

Abstract

What threatens the cyberspace is known as malware, which in order to infect the technological devices, it has to be capable of bypassing the antivirus motor. To avoid the antivirus detection, the malicious code requires to be updated and have undergone an obfuscation process. However, the problem of the updating is to consider that the malware maintains its functionality based on its specific characteristics, and also to be checked by specilized informatic resources. For the aforementioned, this paper proposes a procedure that allows to apply the AVFUCKER, DSPLIT, and Binary Division techniques with the aim of optimizing the necessary technological resources, and reducing the time of analysis of the malware's functionality and the evasion of the antivirus.

What threatens the cyberspace is known as malware, which in order to infect the technological devices, it has to be capable of bypassing the antivirus motor. To avoid the antivirus detection, the malicious code requires to be updated and have undergone an obfuscation process. However, the problem of the updating is to consider that the malware maintains its functionality based on its specific characteristics, and also to be checked by specilized informatic resources. For the aforementioned, this paper proposes a procedure that allows to apply the AVFUCKER, DSPLIT, and Binary Division techniques with the aim of optimizing the necessary technological resources, and reducing the time of analysis of the malware's functionality and the evasion of the antivirus.