
Retrieve Self-Decoding Key

Learning Goals: Understand PE manifest. Practice analyzing function call parameters and stack. Applicable to: Operating Systems, Assembly...

Tracing DLL Entry Point

Learning Goals: Understand C calling convention. Practice reverse engineering. Applicable to: Operating Systems, Assembly Language 1....

Debug the Debugger – Fix Module Information and UDD File

Learning Goals: Understand how the debugger saves debugging information. Know how to use a binary editor to examine file contents. Troubleshooting...

Starling Technique and Hijacking Kernel System Calls using Hardware Breakpoints

Learning Goals: Understand hardware breakpoints. Understand vectored/structured exception handling. Understand the tricks that interrupt...

Tricks for Confusing Static Analysis Tools

Learning Goals: Explore use of the stack for supporting function calls. Practice reverse engineering. Applicable to: Operating Systems, Computer...

Encoded Export Table

Learning Goals: Practice reverse engineering techniques. Understand basic checksum functions. Applicable to: Operating Systems, Computer...

Int2d Anti-Debugging Trick (Part III)

Learning Goals: Apply the techniques presented in Tutorials 3 and 4 to analyzing Max++ anti-debugging trick. Practice reverse...

Int2dh Anti-Debugging (Part II)

Learning Goals: Explore the behavior difference of debuggers on int 2dh. Debugging and modification of binary executable programs. Basic...

Int2d Anti-Debugging (Part I)

Learning Goals: Understand the general interrupt handling mechanism on the x86 platform. Understand the byte scission anti-debugging...

Ring3 Debugging

Learning Objectives: Efficiently master a Ring3 debugger such as Immunity Debugger. Control program execution (step in, over,...

VM Based Analysis Platform

Learning Goals: Configure a virtual machine based experimental platform for malware analysis. Master basic network sniffing/monitoring...

CaptureBat – Dynamic Malware Analysis Tool

As I mentioned in one of my previous posts about tools for dynamic malware analysis, CaptureBat is an essential tool for this purpose....

Dynamic Malware Analysis Tools

It would not be wrong to say that every piece of malware has its own personality. Not that we want to start treating malware like living things, but the...

Malware Sample Sources

So where do we get malware samples from… apart from the infected machines in a cyber café, of course? (The sources are listed in no...

Malware Analysis tools chest: ClamAV

ClamAV is not a tool for analyzing malware per se; it is more of a tool for organizing samples and is mainly useful in the pre-analysis stages....

Virtual Machines for Malware Analysis

An ideal setup for malware analysis would be a machine on which we can readily install and execute malicious programs. But given the...

So just how do I analyze Malware?

There are two main ways in which malware is analyzed: 1. Behavioral Analysis, 2. Static Analysis. In behavioral analysis we observe the...

Reptile Malware – Behavioral Analysis

I began with a fresh VMware image of Windows XP. Tools which you should have ready before you start behavioral analysis: Regshot...

Reverse Engineering Malware: ZeroAccess / Max++ / Smiscer Crimeware Rootkit

This four-part article series is a complete step-by-step tutorial on how to reverse engineer the ZeroAccess rootkit. ZeroAccess is also...

ZeroAccess Malware Part 2: The Kernel-Mode Device Driver Stealth Rootkit

In Part 2 of the ZeroAccess Malware Reverse Engineering series of articles, we will reverse engineer the first driver dropped by the...

ZeroAccess Malware Part 3: The Device Driver Process Injection Rootkit

Let’s now take a look at the second driver dropped by the agent. This driver allows ZeroAccess to inject arbitrary code into the...

ZeroAccess Malware Part 4: Tracing the Crimeware Origins by Reversing Injected Code

In this final part we will trace the origins of the ZeroAccess rootkit. We will discover that the purpose of this rootkit is to set up a...

Shellcode analysis on Linux x86 32bit

Most of the programs that we use every day contain bugs; a bug is a malfunction in a program that can make the program take unwanted...

Steam Server Admin Hack 2011

Steam Anti Vac Ban Code Lines from exe Steam Anti Vac Ban 2011.exe...

ZeroAccess Rootkit Launched by Signed Installers

Digital certificates and certificate authorities have been much in the news recently. Attacks, such as those used by Stuxnet, Duqu, and...

Malware Analysis Basics 2

Malware Analysis Basics 2. In this tutorial you will see how you can read an infected...

Paysafecard Money Doubler – Virus

Paysafecard Money Doubler http://www.youtube.com/watch?v=TETKeaMa09k Code lines from exe...

Malware Analysis - Stealer

Malware Analysis - Stealer. Malware Analysis Basics / Reversing a backdoored file. The » Hacker » Email:...

Malware Analysis - Stealer 2

Malware Analysis - Stealer 2. Malware Analysis Basics / Reversing a backdoored file. Scan Report SHA256:...

FaceBook Hacking Tool – Backdoored with Stealer

FaceBook Hacking Tool – Backdoored with Stealer. http://www.youtube.com/watch?v=W6XNEj_zwjo Original YouTube video with the...