PE Packers Used in Malicious Software - Part 1
Paul Craig
Uploaded by amiable_indian; 39 slides
3. Refresher #1 - PE-COFF: The Windows Executable Format. Section-By-Section
8. Refresher #2 - The Who, How, What, Why of Windows Import Address Tables
17. DOS – MZ header
18. PE header
19. Windows reads section table
20. Memory allocated for executable
21. Disk image copied to memory
22. Windows populates IAT of PE packer
23. .UNPACKER section starts executing
24. .UNPACKER unpacks .PACKED-DATA into memory
25. Unpacked, it is now larger in memory
26. PE Packer populates Import Table
27. Reset stack registers
28. Jump to Original Entry Point (OEP)
29. And it runs!
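The loader sequence on slides 17 to 29, together with the import-table refresher on slide 8, as an added example that is not part of Paul Craig's deck: a Python parser that walks the DOS MZ header, the PE header and the section table in the order the Windows loader reads them, parses the import directory the loader fills before the entry point runs (slide 22), and reports the static signs that an unpacker stub rather than the original program owns the entry point. The sample image is constructed inline to mimic the slides' .UNPACKER / .PACKED-DATA layout (names shortened to .unpack / .packed because a PE section name is at most 8 bytes); the indicator names and thresholds (entropy above 7.0, VirtualSize more than twice SizeOfRawData, three or fewer imports) are this example's own heuristics, not values from the deck.

```python
import hashlib
import math
import struct
from collections import Counter

SCN_MEM_EXECUTE, SCN_MEM_WRITE = 0x20000000, 0x80000000   # IMAGE_SCN_* section flags

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; compressed or encrypted data sits near 8."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def cstring(image: bytes, off: int) -> str:
    return image[off:image.index(b"\0", off)].decode("ascii", "replace")

def rva_to_offset(sections: list, rva: int) -> int:
    """Map an RVA back to a file offset through the section table."""
    for s in sections:
        if s["vaddr"] <= rva < s["vaddr"] + max(s["vsize"], s["rawsize"]):
            return s["rawptr"] + (rva - s["vaddr"])
    raise ValueError(f"RVA {rva:#x} is not backed by any section")

def parse_pe(image: bytes) -> dict:
    """Read the headers in loader order: DOS MZ header, PE header, section table, imports."""
    if image[:2] != b"MZ":
        raise ValueError("no MZ signature")
    e_lfanew = struct.unpack_from("<I", image, 0x3C)[0]
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    _, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", image, e_lfanew + 4)
    opt = e_lfanew + 24                                      # optional header follows the COFF header
    magic = struct.unpack_from("<H", image, opt)[0]          # 0x10B PE32, 0x20B PE32+
    entry_rva = struct.unpack_from("<I", image, opt + 16)[0]
    sections = []
    for i in range(nsec):
        name, vsize, vaddr, rawsize, rawptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", image, opt + opt_size + 40 * i)
        sections.append(dict(name=name.rstrip(b"\0").decode("ascii", "replace"),
                             vsize=vsize, vaddr=vaddr, rawsize=rawsize, rawptr=rawptr,
                             chars=chars, entropy=entropy(image[rawptr:rawptr + rawsize])))
    # Data directory 1 is the import table the loader walks to fill the IAT.
    imp_rva = struct.unpack_from("<I", image, opt + (96 if magic == 0x10B else 112) + 8)[0]
    thunk_fmt, thunk_len = ("<I", 4) if magic == 0x10B else ("<Q", 8)
    imports, desc = {}, (rva_to_offset(sections, imp_rva) if imp_rva else None)
    while desc is not None:
        oft, _, _, name_rva, ft = struct.unpack_from("<IIIII", image, desc)
        if name_rva == 0:                                    # null descriptor ends the list
            break
        funcs, t = [], rva_to_offset(sections, oft or ft)
        while (thunk := struct.unpack_from(thunk_fmt, image, t)[0]) != 0:
            funcs.append(f"#{thunk & 0xFFFF}" if thunk >> (thunk_len * 8 - 1)      # by ordinal
                         else cstring(image, rva_to_offset(sections, thunk) + 2))  # skip hint
            t += thunk_len
        imports[cstring(image, rva_to_offset(sections, name_rva))] = funcs
        desc += 20
    return dict(entry_rva=entry_rva, sections=sections, imports=imports)

def packer_indicators(pe: dict) -> list:
    """Static hints that an unpacker stub, not the original program, owns the entry point."""
    hints, secs, ep = [], pe["sections"], pe["entry_rva"]
    home = next((s for s in secs if s["vaddr"] <= ep < s["vaddr"] + max(s["vsize"], s["rawsize"])), None)
    if home is not None and home is not secs[0]:
        hints.append(("ep-not-first-section", home["name"]))  # stub section runs first
    for s in secs:
        if s["entropy"] > 7.0:
            hints.append(("high-entropy", s["name"]))          # packed or encrypted payload
        if s["vsize"] > 2 * s["rawsize"]:
            hints.append(("virtual-gt-raw", s["name"]))        # room for the unpacked image
        if s["chars"] & SCN_MEM_WRITE and s["chars"] & SCN_MEM_EXECUTE:
            hints.append(("rwx-section", s["name"]))           # written at run time, then executed
    if sum(map(len, pe["imports"].values())) <= 3:
        hints.append(("tiny-import-table", None))             # stub resolves the real imports itself
    return hints

def build_sample_pe() -> bytes:
    """Constructed PE32 with a UPX-like layout (not a runnable program). Section names are
    capped at 8 bytes, so the deck's .PACKED-DATA and .UNPACKER become .packed and .unpack."""
    packed_va, unpack_va = 0x1000, 0x11000
    imp_rva, thunk_rva, name_rva = unpack_va + 0x40, unpack_va + 0x80, unpack_va + 0xA0
    hdr = (b"MZ" + b"\0" * 58 + struct.pack("<I", 0x80)).ljust(0x80, b"\0") + b"PE\0\0"
    hdr += struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x0102)             # i386, 2 sections
    hdr += struct.pack("<HBBIIIIII", 0x10B, 14, 0, 0x200, 0x400, 0, unpack_va, unpack_va, packed_va)
    hdr += struct.pack("<IIIHHHHHHIIIIHHIIIIII", 0x400000, 0x1000, 0x200, 4, 0, 0, 0, 4, 0, 0,
                       0x12000, 0x400, 0, 2, 0, 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    hdr += struct.pack("<IIII", 0, 0, imp_rva, 40) + b"\0" * 112                # 16 data directories
    hdr += struct.pack("<8sIIIIIIHHI", b".packed", 0x10000, packed_va, 0x400, 0x400, 0, 0, 0, 0, 0xE0000040)
    hdr += struct.pack("<8sIIIIIIHHI", b".unpack", 0x200, unpack_va, 0x200, 0x800, 0, 0, 0, 0, 0x60000020)
    packed = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(32))  # 1 KiB "ciphertext"
    stub = bytearray(0x200)
    stub[0:8] = b"\x60\xbe\x00\x10\x40\x00\xeb\xfe"              # pushad; mov esi, .packed; jmp $
    struct.pack_into("<IIIII", stub, 0x40, thunk_rva, 0, 0, name_rva, thunk_rva)
    struct.pack_into("<III", stub, 0x80, unpack_va + 0xC0, unpack_va + 0xE0, 0)
    stub[0xA0:0xAD] = b"KERNEL32.dll\0"
    stub[0xC0:0xCF] = b"\0\0LoadLibraryA\0"
    stub[0xE0:0xF1] = b"\0\0GetProcAddress\0"
    return hdr.ljust(0x400, b"\0") + packed + bytes(stub)

if __name__ == "__main__":
    print(packer_indicators(parse_pe(build_sample_pe())))
```

On the constructed sample the parser finds only LoadLibraryA and GetProcAddress in the import table, which is all a stub needs to rebuild the real imports itself (slide 26), and flags all five indicators: the entry point sits in the second section (the stub of slide 23), the first section is high-entropy, writable and executable, and reserves far more virtual space than it occupies on disk (slides 24 and 25). To triage a real file, pass its bytes to parse_pe instead of build_sample_pe(). These are indicators, not proof: legitimate installers and .NET binaries also ship high-entropy resources, so the hints are a reason to look for the OEP, not a verdict.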