
GCIH · Question #36

GCIH Question #36: Real Exam Question with Answer & Explanation

The correct answer is B: EliteWrap. EliteWrap is a binder utility that merges two executables into a single package and encrypts the result to evade antivirus detection.

Malware Analysis & Advanced Persistent Threats

Question

Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

Options

  • A. Trojan Man
  • B. EliteWrap
  • C. Tiny
  • D. NetBus

Explanation

EliteWrap is a binder utility that merges two executables into a single package and encrypts the result to evade antivirus detection.

Common mistakes.

  • A. Trojan Man is not a recognized or documented binder or encryption utility used to combine programs and evade antivirus detection.
  • C. Tiny refers to lightweight compilers or minimal programs and is not associated with binding executables together and encrypting them to bypass antivirus software.
  • D. NetBus is a remote access trojan used for unauthorized remote control of a compromised system, not a tool for combining or encrypting multiple executables.

Concept tested. Trojan binder tool encrypting payloads to evade antivirus

Topics

#EliteWrap #trojan builder #AV evasion #malware packaging
