What to imagine behind Win32:MalOb [Cryp]
Our users are sometimes confused what can some malware name mean. In fact – there are some names without an special meaning – they are mostly related to short-lived pieces of malware. Contrary to this daily stuff there are some malware families (long-lived, widespread or highly dangerous), which should have some unique name. One of the reasons could be the possibility of effective seeking through the results of search engines (check the difference when you type “Win32:Trojan-gen” and “Win32:Fasec” in your search engine). There’s not a mandatory naming convention applicable to all AV vendors. Our names contain these parts:
- platform (or file type) prefix
- malware name
- malware type
Trj = trojan horse
Wrm = worm
Rtk = rootkit
Expl = exploit
Cryp = malware cryptor
and few others. Sometimes the malware type is missing. This means either an file infector or some kind of generic malware. You can always use our forums when you are not sure what you’re dealing with. And now the answer to the question in title – what to imagine behind Win32:MalOb [Cryp]?
Win32 – means a platform, that the malware was developed for
MalOb – it’s a shortcut for “malware obfuscator” – this means that the file was modified with some custom tool to hide the bad things
Cryp – cryptor used (only) by malware creators
Btw: the spectrum of malware covered by Win32:MalOb consists of fake antiviruses, fake codecs, spam engines etc.