Security company Damaballa says it has found two utilities that help mask new files introduced to a system. The tools are closely related to capabilities seen in the destructive malware that hit Sony Pictures Entertainment last year. One tool, setMFT, enables a technique called timestopping, which can make a file appear to have a different timestamp. The other tool, afset, is used for timestomping and cleaning up log data stored in Windows. The utilities were discovered as Damballa was investigating a new version of the “Destover” malware.”]