Trojan Nap

[Gnosis]

Trojan Nap evades behavioral anti-malware by performing a few functions and then it stops executing anything for 10 minutes.

MORE:

http://www.infosecurity-magazine.com/view/30622/malware-takes-a-nap-to-avoid-detection/

 

[Plexx]

Considering the hooking technique, I do wonder if COMODO would keep it up with such Nap. You can pretty much forget about avast or even ESET detecting this whilst or after the 10 min mark though.

 

[Ink]

Malware Authors = 1 step ahead.

 

[Gnosis]

Well, if there is anything to this, all of my excitement pertinent to BB's and HIPS is unfounded. Maybe it is time for me to be happy with Sandboxie and stay out of the real-time security arms races. lol

It will be cool if someone will acquire this type of malware and test it against Malware Defender, ESET, Comodo, KIS, ThreatFire, Mamutu, and ZoneAlarm, and any other popular BB/HIPS/HIDS equipped security programs.

 

[Gnosis]

Splendid LINKS FOR Trojan NAP:

http://www.networkworld.com/news/2013/020713-sleeper-malware-like-nap-trojan-266490.html

http://www.deependresearch.org/2013/02/trojan-nap-aka-kelihoshlux-feb-2013.html

http://contagiodump.blogspot.com/2013/02/trojan-nap-aka-kelihoshlux-status.html

REMOVAL PROCEDURE according to the Dr. Web team:

http://www.drwebhk.com/en/virus_removal/521268/Trojan.PWS.QQPass.NAP.html