The FUD cryptor software encrypts the contents of a malicious executable file (the payload) and combines it with a small stub program. The stub's job is to decrypt and execute the original malicious program at run time.
To make each resulting executable file unique, the FUD program uses a different encryption key each time it runs. The encryption procedure transforms the payload into what looks like completely random data, changing any bytes that antivirus signatures would use to block the original malicious software.
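The following added example (not from the whitepaper) shows the defender's side of that observation: because the encrypted payload looks like random data, a windowed Shannon-entropy scan can flag it even when no byte signature matches. The window size, the 7.2 bits/byte threshold and the sample bytes are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for constant data, 8.0 for uniformly distributed bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def high_entropy_regions(blob: bytes, window: int = 1024, threshold: float = 7.2):
    """Return merged (start, end) offsets of windows at or above the threshold."""
    regions = []
    for off in range(0, len(blob), window):
        chunk = blob[off:off + window]
        if len(chunk) < window // 2:  # too few bytes for a meaningful estimate
            continue
        if shannon_entropy(chunk) >= threshold:
            end = off + len(chunk)
            if regions and regions[-1][1] == off:
                regions[-1] = (regions[-1][0], end)  # extend the adjacent region
            else:
                regions.append((off, end))
    return regions


def constructed_sample() -> bytes:
    """Constructed stand-in for a stub followed by an encrypted blob (no real code)."""
    # Repetitive, low-entropy bytes standing in for ordinary stub code.
    stub = b"\x55\x8b\xec\x83\xec\x10\x90\x90" * 512  # 4096 bytes
    # Hash output standing in for ciphertext: statistically random-looking.
    blob = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(256))
    return stub + blob  # 4096 + 8192 bytes


if __name__ == "__main__":
    sample = constructed_sample()
    for start, end in high_entropy_regions(sample):
        h = shannon_entropy(sample[start:end])
        print(f"high-entropy region {start:#x}-{end:#x}: {h:.2f} bits/byte")
```

High entropy alone is a triage signal rather than a verdict, since legitimately compressed or encrypted resources score the same way.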
Whitepaper by Alessandro Groppo, brought to you by PacketStormSecurity
Author – Alessandro Groppo