Abstract: Today the world is heading towards internet related activities at every zone of life. With the same pace the threat of malwares are also proportionally increasing with the usage. Although most of the threats detecting strategies are highly active, malware builders are also trying to strengthen their shield to overcome malware detection. Cryptography’s dark side is being utilized for this purpose. Using cryptography the appearance of the malicious code is scrambled, thereby helping to bypass the anti-virus employed for detection purpose. Hence to identify the underlying cryptography is the main goal to be achieved to stop such malicious activities. To identify the presence of cryptography the execution of such programs were monitored using a DBA tool named Valgrind. The results shows the memory locations of famous cryptographic routines. Further with the help of signature based matching, the malicious presence was confirmed.

Keywords: AES; Cryptography; Malware; Malware Signature; RSA; SHA-1; Valgrind.