• boredsquirrel
      link
      fedilink
      77 months ago

      Yes and if viruses use something like base64 encoding or other methods, the hashes dont match anymore.

      As far as I understood it, it is pretty easy to make your virus permanently un-hashable by just always changing some bits

        • boredsquirrel
          link
          fedilink
          17 months ago

          This is obviously not about this known file.

          It is about “would this scanner detect a system package from the official repos opening an ssh connection”

    • Possibly linux
      link
      fedilink
      English
      2
      edit-2
      7 months ago

      That doesn’t work against polymorphic malware

      I think the best way is to monitor calls and behavior. Doing that is a privacy nightmare