Anti-analysis trends in banking malware

Banking Malware, has become a popular and ever more prevalent mechanism to monetise malware development. Since the development of the Zeus malware kit in 2007, the frequency and complexity of banking malware has been increasing. Developing a good understanding of the operation of a malware family is a first step in the reverse engineering required to create tools to extract the malware configuration, which is used in the remediation of malware infrastructure. This reverse engineering process in recent years has become increasingly challenging. This manuscript provides a brief summary of the reverse engineering of banking malware families over a two year period and emphasises the anti-analysis techniques employed by the authors of six families of banking malware. The manuscript presents this analysis, and examines trends in the development of these anti-analysis techniques.