|
|
|
|
|
|
by rdtsc
5467 days ago
|
|
|
> The code in the MBR uses an unsophisticated encryption algorithm, but even small modifications to the algorithm are sufficient to evade signature-based detection by most antivirus products. from http://www.securelist.com/en/analysis/204792157/TDSS_TDL_4 So it is mainly there to fool anti-virus programs that look for a particular fingerpring, and not necessarily to pass secret info back and forth. |
|
|