Forum Discussion
Question malware autodelete
A malware like Trojan:Win32/Wacatac.C!ml can download other malware, this other malware can perform the malicious action, this malware can delete itself and in the next scan of antivirus free this malware that deleted itself will not have any trace and will not be detected by the scan?
1 Reply
Yes, it is possible for a piece of malware to perform its action and then delete its own executable file. In the next simple file scan, that specific file will not be found. However, it is highly unlikely that it will leave "no trace." A comprehensive security scan that checks system memory, registry keys, network logs, and process behavior will very likely detect the remnants of the infection or the ongoing malicious activity.
The self-deletion is a tactic to make forensic analysis harder and to evade simple file-based scanners, but it is not a foolproof method for becoming completely invisible to modern, multi-layered security solutions.
