Avast says more than 30 hacker groups have been using a malware crypter dubbed OnionCrypter. A crypter is used for encrypting, obfuscating and manipulating malware to make detection more difficult. Avast: “Its widespread use and length of time in use make it a key malware infrastructure component” The crypter, 32-bit software written in C++, has three layers: Layer 1: This outer layer has one main function, which varies based on the encrypted malware. Layer 2: This is a shell code that decrypts another layer. Layer 3: This layer uses the same decryption processes as the second layer to load important API functions.”]
Source: https://www.bankinfosecurity.com/researchers-uncover-widely-used-malware-crypter-a-16212

