Topic: Microsoft Discovers Trojan that hides files to evade analysis

Axon
April 17, 2013

Microsoft has discovered an unusually stealthy Trojan capable of deleting files it downloads in order to keep them away from forensics investigators and researchers.

The Trojan downloader, called Win32/Nemim.gen!A, is the latest example of how malware writers are using sophisticated techniques to protect their own trade secrets. The Trojan essentially makes downloaded component files irrecoverable, so they cannot be isolated and analyzed.

www.infoworld.com/d/security/microsoft-finds-trojan-hides-files-evade-analysis-216664

NovaCygni
Re: Microsoft Discovers Trojan that hides files to evade analysis
« Reply #1 on: April 21, 2013, 02:57:00 pm »
Unless you can identify the exact cluster the files have been moved to, then it's possible to recover them ^^ A similar tactic was used by the new wave of RATs and botnets being used in the deeper areas of AntiSec, PCI-Rootkits which are generally impossible to detect and even harder to remove. I'm sure Microsoft won't take too long to work out to map some memory as virtual hard drive space and deliberately infect themselves so that they can control and examine the code in the sandbox of memory (* Using RAM to mimic a small SSD *).
We do what we want, Because we can.