Open Analysis Live! We use IDA Pro and the debugger to unpack a Loki malware sample from a packer that has a ton of anti-analysis, anti-debug, and anti-VM tricks.
-----
OALABS DISCORD
/ discord
OALABS PATREON
/ oalabs
OALABS TIP JAR
ko-fi.com/oalabs
OALABS GITHUB
github.com/OALabs
UNPACME - AUTOMATED MALWARE UNPACKING
www.unpac.me/#/
-----
Automated Malware Unpacking
www.unpac.me/
The original sample from Malware Traffic Analysis:
www.malware-traffic-analysis.n...
The hybrid-analysis sandbox run:
www.hybrid-analysis.com/sampl...
Two excellent manuals for understanding anti-analysis tricks (PDF):
anti-reversing.com/Downloads/A...
www.blackhat.com/presentation...
The unpacked sample:
www.hybrid-analysis.com/sampl...
LordPE ... old school cool : ))
www.aldeid.com/wiki/LordPE
We are always looking for feedback: what did you like, what do you want to see more of, what do you want to see us analyze next? Let us know on Twitter:
/ herrcore
/ seanmw
As always check out our tools, tutorials, and more content over at www.openanalysis.net
P.S.
@BinaryAdventure has created an excellent tutorial demonstrating the same technique but using OllyDbg! Check it out • Using OdbgScript to Ov...
How To Defeat Anti-VM and Anti-Debug Packers With IDA Pro