2

I know about websites like VirusTotal, and programs like herdprotect.

I'm using Avira and Superantispyware, but once the large bin files are scanned, usually nothing is found.

But after running an installer that unpacks the bin files, the result of installed files and folders did produce some trojans, and other warnings once unpacked.

Are most anti-virus programs and malware scanners scanning .bin files inside for content or not?

schroeder
  • 123,438
  • 55
  • 284
  • 319
marpom
  • 21
  • 1
  • 2
  • Most scanners scan it. And there are some open source if you wanted code. Otherwise don't forget to report the anti virus company which failed to scan it. Some provides reward – haseeb Nov 06 '15 at 16:15

1 Answers1

1

Scanning packed files like archives is very resource intensive. Many administrators limit the amount of (recursive) unpacking to preserve resources. Malware authors know that and like to pack, archive and encrypt files multiple times. This increases the chance of causing false-negatives.

If you want to deal with such files, you have to unpack and analyze them, no matter how much resources it might cost (as long as it is not causing a resource exhausting DoS in your environment).

Marc Ruef
  • 1,060
  • 5
  • 12