H
hjlbx
Thread author
Hello,
How is it that an AV vendor will add a malware dropper's signature to its database, but not the signatures of the actual malware that the dropper will install?
To me, this does not seem logical...but logic may not have anything to do with the reality of how things work in the AV security world.
I do not know the subtleties and complexities of how malware signatures are added to AV databases. As far as I know a signature is a hash. Other than that I know next to nothing.
Can someone shed light on the subject?
Thanks,
hjlbx
How is it that an AV vendor will add a malware dropper's signature to its database, but not the signatures of the actual malware that the dropper will install?
To me, this does not seem logical...but logic may not have anything to do with the reality of how things work in the AV security world.
I do not know the subtleties and complexities of how malware signatures are added to AV databases. As far as I know a signature is a hash. Other than that I know next to nothing.
Can someone shed light on the subject?
Thanks,
hjlbx