UPX Packed Headaches

Akamai·Akamai SIRT·about 1 month ago

Researching malware has many challenges. One of those challenges is obfuscated code and intentionally corrupted binaries. To address challenges like this, we've written a small tool in C that could fix intentionally corrupted binaries automatically. We also plan to open-source the project so other researchers could use it too, and perhaps improve and expand upon the tool's capabilities as needed.

Intentionally corrupted

An example of this scheme entails packing a binary with the UPX packer and modifying key fields in the file's UPX header, typically the file size.

These modifications will allow the binary to run without problems if executed, but typically cause the UPX unpacking utility to throw errors and be unable to unpack the "mangled" binary.…
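A triage check for the header tampering described above, written as an added example; it is not the tool the article mentions. The field layout (a 12-byte `l_info` carrying the `UPX!` magic, followed by a `p_info` holding `p_filesize` and `p_blocksize`) is an assumption taken from UPX's ELF format, which the excerpt does not give, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout (UPX ELF format): 12-byte l_info with the "UPX!" magic at
 * offset 4, followed directly by a 12-byte p_info (progid, filesize, blocksize). */
#define L_MAGIC_OFF 4
#define L_INFO_SIZE 12
#define P_INFO_SIZE 12
enum upx_status { UPX_NOT_FOUND = -1, UPX_OK = 0, UPX_SIZE_ZEROED = 1 };

static uint32_t rd32(const uint8_t *p, int big_endian)
{
    if (big_endian)
        return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
    return ((uint32_t)p[3] << 24) | ((uint32_t)p[2] << 16) | ((uint32_t)p[1] << 8) | p[0];
}

/* Find the first "UPX!" magic and read the size fields of the p_info after it. */
enum upx_status upx_check_p_info(const uint8_t *buf, size_t len, int big_endian,
                                 uint32_t *filesize, uint32_t *blocksize)
{
    for (size_t i = L_MAGIC_OFF; i + 4 <= len; i++) {
        if (memcmp(buf + i, "UPX!", 4) != 0)
            continue;
        size_t p_info = i - L_MAGIC_OFF + L_INFO_SIZE;
        if (p_info + P_INFO_SIZE > len)
            return UPX_NOT_FOUND;   /* header truncated, nothing to inspect */
        *filesize  = rd32(buf + p_info + 4, big_endian);
        *blocksize = rd32(buf + p_info + 8, big_endian);
        return (*filesize == 0 || *blocksize == 0) ? UPX_SIZE_ZEROED : UPX_OK;
    }
    return UPX_NOT_FOUND;
}

/* Constructed sample, not bytes from a real binary: l_info, then a p_info
 * whose p_filesize and p_blocksize have been zeroed. */
static const uint8_t sample_zeroed[] = {
    0xde, 0xad, 0xbe, 0xef, 'U', 'P', 'X', '!', 0x00, 0x08, 0x0d, 0x16,
    0, 0, 0, 0,  0, 0, 0, 0,  0, 0, 0, 0 };

int main(void)
{
    uint32_t fs = 0, bs = 0;
    int st = upx_check_p_info(sample_zeroed, sizeof sample_zeroed, 0, &fs, &bs);
    printf("status=%d p_filesize=%u p_blocksize=%u\n", st, (unsigned)fs, (unsigned)bs);
    return 0;
}
```

Pass `big_endian = 1` for big-endian targets, since the size fields follow the byte order of the packed binary.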