Joe's Security Blog

reversing

Backdooring DLL’s Part 2

Today I have some good news. Backdooring a dll file is a lot easier than I first made it out to be. Especially if we skip the bullshit of the IAT and take advantage of shellcode. There are problems with using shellcode – size constraints are different. In my previous example, I didn’t need much […]

July 29, 2016 / July 31, 2016 | averagejoe | code, Joe you evil bastard, reversing | 2 Comments

CTB-Locker and Dropper

Users of the net dread this screen. They feel when they see it all hope is lost. In the case of this ransomware dropper, the same holds true. In fact, in running this, I lost my downloads folder >:( Indeed, a risk all malware reverse engineers take. Live and learn, right? Anywho, let’s dive into […]

February 14, 2015 / February 20, 2015 | averagejoe | reversing | 4 Comments

Toorcon 16 slides and code

For those of you who saw me at ToorCon and those of you who wish they could have, here are my slides, and here are my code notes (pass is infected). I also had a 90 minute seminar on reverse engineering malware for newbies. Here are the slides and here are the samples / crackmes / tools. […]

October 27, 2014 | averagejoe | Uncategorized

Syrian Malware 2 – Electric Boogaloo

Back for part 2, are we? Let’s get this show on the road. We’ve seen how awful the first piece of malware was in terms of how it was thrown together in all but 10 minutes, but you ain’t seen nothing yet. The next one actually embeds passwords inside and even email addresses. After that, […]

July 29, 2014 / July 29, 2014 | averagejoe | code, cracking, reversing

Writing your own windows debugger in C

Hello all! I’m cracking away on various projects and trying to keep focus. As I was going through my old notes, I came across a talk I wanted to give but could not due to my car accident and the subsequent down time caused me to forget. I wanted to cover making your own debugger […]

December 9, 2013 / December 9, 2013 | averagejoe | code, reversing

reversing a botnet 2 – electric boogaloo

It happened again at work. This time twice the number of machines hit. The same people hit my company, and they took my advice when I last spoke to them – they obfuscated the executable to make it harder to perform a routine reverse engineering analysis. In this particular case, the obfuscation used was compiled […]

April 13, 2013 / April 17, 2013 | averagejoe | code, cracking, Joe you evil bastard, reversing