From the course: Wireshark: Malware and Forensics

Using VirusTotal

- [Instructor] Although antivirus companies tune their software to scan for viruses, modern-day malware is polymorphic in nature and can change to elude detection. A polymorphic virus is an encrypted virus that changes in form every time it replicates and infects a new file. The virus uses encryption to conceal the main body of the virus code so that it appears meaningless to the antivirus. Each time the virus transfers to a new system, it uses a different encryption/decryption method. The code continues to function in the same manner. The virus may mutate hundreds, if not thousands, of times. Because of this, the virus is very difficult to detect. A metamorphic virus is very complex and very difficult to detect. It can change its own code with each infection. Each iteration modifies the structure so that the virus can infect executables on different operating systems. Because these types of viruses are so capable of eluding detection, detection engines monitor for virus-like behavior.…
