Columbo: High perfomance unpacking

J Raber - 2017 IEEE 24th International Conference on …, 2017 - ieeexplore.ieee.org
Columbo: High perfomance unpacking Page 1 Columbo High Perfomance Unpacking Jason
Raber New Technologies, Malwarebytes Santa Carla, USA jraber@malwarebytes.com …

Generic unpacking techniques

K Babar, F Khalid - 2009 2nd International Conference on …, 2009 - ieeexplore.ieee.org
Traditional signature-based malware detection techniques rely on byte sequences, called
signatures, in executable for signature-matching. Modern malware authors can bypass …

Generic unpacking using entropy analysis

G Jeong, E Choo, J Lee… - 2010 5th International …, 2010 - ieeexplore.ieee.org
Malwares attempt to evade AV scanners using various obfuscation techniques. Packing is a
popular obfuscation technique used by 80% of malwares. In this paper, we propose a …

A unpacking and reconstruction system-AGUnpacker

SC Yu, YC Li - 2009 International Symposium on Computer …, 2009 - ieeexplore.ieee.org
Malware are packed to create new variants in order to evade signature-based detector or
reverse engineering (RE). According to the primary behaviors of packing, which are code …

[PDF][PDF] RoAMer: the robust automated malware unpacker

T Jenke, D Plohmann, E Padilla - 14th International Conference on …, 2019 - first.org
Dumping is technically easier to achieve Static analysis often does not require a perfect
reconstruction of the original Unpacked samples are easier to utilize in dynamic analysis …

Memory behavior-based automatic malware unpacking in stealth debugging environment

Y Kawakoya, M Iwamura, M Itoh - 2010 5th International …, 2010 - ieeexplore.ieee.org
Malware analysts have to first extract hidden original code from a packed executable to
analyze malware because most recent malware is obfuscated by a packer in order to disrupt …

[BOOK][B] Maitland: analysis of packed and encrypted malware via paravirtualization extensions

CA Benninger - 2012 - search.proquest.com
Malicious software (malware) attacks are an ever-increasing cyber-security problem. One
reason for this trend is the widespread adoption of packing technology as a way to mask the …

Precise system-wide concatic malware unpacking

D Korczynski - arXiv preprint arXiv:1908.09204, 2019 - arxiv.org
Run time packing is a common approach malware use to obfuscate their payloads, and
automatic unpacking is, therefore, highly relevant. The problem has received much attention …

Comparing malware samples for unpacking: A feasibility study

R Isawa, M Morii, D Inoue - 2016 11th Asia Joint Conference on …, 2016 - ieeexplore.ieee.org
When an analyst examines the binary of malware to obtain some useful information for
defense and mitigation, she is often required to extract its original binary first. Packing is the …

RePEconstruct: reconstructing binaries with self-modifying code and import address table destruction

D Korczynski - 2016 11th International Conference on Malicious …, 2016 - ieeexplore.ieee.org
Reverse engineering packed binaries remain a tedious challenge as code packing is
continuously being used by malware to hinder detection and analysis. The problem of …