In order to prevent the reverse engineering of a malicious software program and to hinder the analysis of the program’s behaviour, malware developers may compress – or pack – their malicious programs, using a variety of methods combined with file encryption. Antivirus programs detect the results of the actions of Suspicious Packers, i.e. packed items.
There are ways to prevent packed files from being unpacked. For example, the packer may not fully decipher the code – only to the extent that it is executed – or the packer may only fully decrypt and launch a malicious program on a specific day of the week.
The main features that differentiate behaviours in the Suspicious Packers subclass are the type and number of packers used in the file compression process. The Suspicious Packers subclass of malware includes the following behaviours:
Installing effective anti-malware software on all of your devices – including PCs, laptops, Macs, smartphones and tablets – and keeping your anti-malware solution updated, can protect you against Suspicious Packers. Kaspersky Anti-Virus – will detect and prevent a vast range of malicious software programs and suspicious software on your PC, while Kaspersky Internet Security for Android delivers world-class virus protection for Android smartphones. Kaspersky Lab has products that protect the following devices: