File Melt
Created the Saturday 20 February 2021. Updated 2 years ago.
File melting is a technique that malware uses to delete itself after it has been installed on a system. This is often done in order to avoid detection by antivirus programs or other security measures. The process of file melting involves overwriting the file with random data, making it impossible to recover the original file or to detect the presence of the malware.
This technique is often used in combination with other tactics, such as hiding the infected file in a remote location or using encryption to make it difficult to access.
Technique Identifier
Technique Tags
File melting File deletion Overwriting Random data Recovery Encryption Hiding Remove trace
Featured Windows API's
Below, you will find a list of the most commonly used Windows API's that are currently utilized by malware authors for current evasion technique. This list is meant to provide an overview of the API's that are commonly used for this purpose. If there are any API's that you feel should be included on this list, please do not hesitate to contact us. We will be happy to update the list and provide any additional information or documentation that may be helpful.
- CreateRemoteThread
- VirtualAllocEx
- WriteProcessMemory
- VirtualAlloc
- CreateProcessA
- CreateProcessW
- GetProcAddress