# Malware Research Notes
Monday, 22 June 2020
Comparative analysis between Bindiff and Diaphora - Patched Smokeloader Study Case
This article presents a comparative study case of diffing binaries using two technologies: Bindiff [1] and Diaphora [2]. We approached...
Wednesday, 10 June 2020
Unpacking Smokeloader and Reconstructing PE Programmatically using LIEF
This article holds notes on my experience unpacking a Smokeloader 2020 sample. The unpacked payload is further used for composing a valid P...
Wednesday, 18 December 2019
Inline Loop Detection for Compressing API Call Traces
I have been working on a solution for compressing files containing trace of API calls coming out of a sandbox (Cuckoo sandbox [1]). Thi...
Thursday, 31 October 2019
Dynamic Imports and Working Around Indirect Calls - Smokeloader Study Case
When reversing malware it is common to find an injected payload loading references to external resources (DLL functions). This happens for t...