No announcement yet.

Trojans - Wrappers

  • Time
  • Show
Clear All
new posts

  • Trojans - Wrappers

    An attacker can use a wrapper to merge a harmless executable with a trojan to create a single executable file from the two. Some more advanced wrapper-style programs can even bind together several applications rather than just two. The intention of the attacker is to make an executable seem harmless and lure a victim into downloading and executing it. When the downloaded file is executed, the infecter installs and takes control over the target system.

    Some well known wrappers are listed here...

    EliteWrap is one of the more popular wrapping tools, due to its rich feature set that includes the ability to perform redundancy checks on merged files to make sure the process was successful and the ability to check if the software will install as expected. It also will allow for silent installs without any user interaction.

    Satan Wrap
    This software was build with the main purpose of hiding Back Orifice. It can bundle Back Orifice with an existing program into what appears to be a standard program using Install Shield.

    Trojan Man
    This software can encrypt the newly made package in order to bypass antivirus programs.

    Teflon Oil Patch
    This software is designed to bind trojans to a specified file in order to defeat anti-malware software.

    This software can add a payload to, for example, a seemingly harmless screen saver, before it is forwarded to the victim.

    Firekiller 2000
    This piece of software is designed to be used with other applications when wrapped. It has the ability to disable local software firewalls and antivirus software.
    Antivirus software such as Norton and McAfee were vulnerable targets prior to being patched.
    Certified Security Geek