Signature based detection is one of the first techniques used to identify potentially malicious software. Signatures are often represented in the form of a hash (MD5, SHA1, SHA256). This is a great start into your investigation, but there are limitations. For example, an attacker could make small change in their code and the signature value… Continue reading Fuzzy Hashes