Microsoft has discovered an unusually stealthy Trojan capable of deleting files it downloads in order to keep them away from forensics investigators and researchers.
The Trojan downloader, called Win32/Nemim.gen!A, is the latest example of how malware writers are using sophisticated techniques to protect their own trade secrets. The Trojan essentially makes downloaded component files irrecoverable, so they cannot be isolated and analyzed.
Typically, downloaders’ only job is to deliver the core malware. In this case, the downloader delivered the malware and continued to be an integral part of the operation.