The days of human-readable injections, or even of basic encoding schemes like base64, are behind us. Instead we’re seeing a rise in complex and, in some instances, elusive encoding schemes that carry with them a big punch.
There are varying degrees of malware injections that include some of the following traits:
- Encoding (pretty basic)
- Encryption & Encoding (a bit more exciting and challenging)
- Concatenation & Encryption & Encoding (gets our hearts pumping a bit faster)
- Chameleon integration (flows with existing code and is difficult to detect)
In this post we’ll look at an instance where the malware leverages a combination of encoding, concatenation and chameleon traits to impact the end-user.