Hi Nesivos,
To give a more practical example of this that suits this forum section,
consider this Analysis Report from Anubis:
http://anubis.iseclab.org/?action=result&task_id=1673e4ac35592ca8421c0b12f5565dbe3&format=html
Some of the characteristics that struck me there in the Anubis analysis were:
- Cache\Extensible Cache\MSHist012011021420110221
for example found with Keylogger adware code; XSS attack code;
- NodeSlots 0x020202020202020202020202020202020202020202 attack code;
- CachePrefix :2011021420110221: also found with Trojan OneScan
- Multimedia Update code;
- WDUF49AN comes from SpeyeEye code;
- !SHMSFTHISTORY! mutex deom EMOGEN malware;
- Shell.CMruPidlList is a mutex found in Exploit Kit code;
& ie5!mshist012011021420110221! mutex also found in Fud Keylogger,
This here just to mention a few examples.
Unknown - The file is not an (PE) executable and cannot do any harm,
but I am not completely sure as when it could connect.
Anyway all reported by me to virus AT avast dot com for further analysis,
polonus