简介：openrce: the open reverse code engineering community

原站：http://www.openrce.org/rss/feeds/articles

“OpenRCE: Articles”的内容更新

累计：9 篇（自 2007-09-03 起）

更新：约2篇/年，最后更新1160 天前

OpenRCE: Articles

The Molecular Virology of Lexotan32: Metamorphism Il

This paper is a direct descendent of my previous one regarding the metamorphic engine of the W32.Evol virus. I advise you to take a look at it before reading this one, or at least be acquainted with the subject of metamorphism. The focus of this paper is the special engine of the Lexotan32 virus. The virus was released in 29A#6 Virus Magazine in 2002, t... (317 天前)

http://inezha.com/w/89y3rwp

OpenRCE: Articles

Defeating HyperUnpackMe2 With an IDA Processor Modul

This article is about breaking modern executable protectors. The target, a crackme known as HyperUnpackMe2,is modern in the sense that it does not follow the standard packer model of yesteryear wherein the contents of the executable in memory, minus the import information, are eventually restored to their original forms.Modern protectors mutilate th... (317 天前)

http://inezha.com/w/ozro2wh

OpenRCE: Articles

Memoryze Memory Forensics Tool

The goal of this article is to demonstrate how simple malware analysis can be using Memoryze and some good old fashion common sense. Readers should have some knowledge of how malware works, and be somewhat familiar with Memoryze. A good place to familiarize yourself with Memoryze is the user guide included in the installer. Memoryze is designed to aid i... (317 天前)

http://inezha.com/w/jybybw9

OpenRCE: Articles

Memoryze and Malware Analysis

The goal of this article is to demonstrate how simple malware analysis can be using Memoryze and some good old fashion common sense. Readers should have some knowledge of how malware works, and be somewhat familiar with Memoryze. A good place to familiarize yourself with Memoryze is the user guide included in the installer. Memoryze is designed to aid i... (317 天前)

http://inezha.com/w/hoyzjwu

OpenRCE: Articles

The Molecular Virology of Lexotan32: Metamorphism Il

This paper is a direct descendent of my previous one regarding the metamorphic engine of the W32.Evol virus. I advise you to take a look at it before reading this one, or at least be acquainted with the subject of metamorphism. The focus of this paper is the special engine of the Lexotan32 virus. The virus was released in 29A#6 Virus Magazine in 2002, t... (317 天前)

http://inezha.com/w/gnrmyws

OpenRCE: Articles

Defeating HyperUnpackMe2 With an IDA Processor Modul

This article is about breaking modern executable protectors. The target, a crackme known as HyperUnpackMe2,is modern in the sense that it does not follow the standard packer model of yesteryear wherein the contents of the executable in memory, minus the import information, are eventually restored to their original forms.Modern protectors mutilate th... (317 天前)

http://inezha.com/w/uvb6uwq

OpenRCE: Articles

The Viral Darwinism of W32.Evol

The W32.Evol virus was discovered around July 2000. Its name is derived from a string found in the virus, but much more can be implied from the name. Up until then, most of the viruses were using Polymorphic engines in order to hide themselves from Anti-Virus scanners. The engine would encrypt the virus with a different key on every generation, and would... (317 天前)

http://inezha.com/w/z5ykr8l

订阅者 ( 2 )

相关订阅源